diff --git a/docs/security/agent/grype-25.10.1.json b/docs/security/agent/grype-25.10.1.json index 3b7bb9f..3782465 100644 --- a/docs/security/agent/grype-25.10.1.json +++ b/docs/security/agent/grype-25.10.1.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8987,87 +9272,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.1.md b/docs/security/agent/grype-25.10.1.md index 71bec2a..ea3f520 100644 --- a/docs/security/agent/grype-25.10.1.md +++ b/docs/security/agent/grype-25.10.1.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.10.json b/docs/security/agent/grype-25.10.10.json index b034cbd..a5d70e6 100644 --- a/docs/security/agent/grype-25.10.10.json +++ b/docs/security/agent/grype-25.10.10.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-14.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "79cdbcbd3d61afd9", + "name": "libxml2", + "version": "2.9.13-14.el9_7", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "eb5d2c76ed21fa8e", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-14.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "79cdbcbd3d61afd9", - "name": "libxml2", - "version": "2.9.13-14.el9_7", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "eb5d2c76ed21fa8e", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3915,8 +3915,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4007,8 +4007,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4073,8 +4073,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4171,8 +4171,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4213,8 +4213,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4264,149 +4264,12 @@ "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:4f25e605e90924ecad459e15c823be698a9bd276d9ae1fd16b8c301c3e38c09e", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -4422,45 +4285,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4468,28 +4317,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4497,31 +4348,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4529,21 +4366,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -4557,14 +4394,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4599,9 +4447,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -4617,7 +4465,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -4691,9 +4539,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -4709,7 +4557,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -4741,16 +4589,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "bcbac17c560ff49d", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4f25e605e90924ecad459e15c823be698a9bd276d9ae1fd16b8c301c3e38c09e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4766,21 +4766,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "bcbac17c560ff49d", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -4794,13 +4794,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4834,8 +4834,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -4971,8 +4971,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5013,8 +5013,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5083,6 +5083,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4f25e605e90924ecad459e15c823be698a9bd276d9ae1fd16b8c301c3e38c09e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5108,8 +5253,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,8 +5315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5262,8 +5407,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5315,8 +5460,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5407,8 +5552,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5460,8 +5605,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5563,8 +5708,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5617,8 +5762,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5865,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5786,8 +5931,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5884,8 +6029,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -5946,8 +6091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6038,8 +6183,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6086,8 +6231,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6183,8 +6328,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6231,8 +6376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6328,8 +6473,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6376,8 +6521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6473,8 +6618,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6521,8 +6666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6618,8 +6763,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -6771,8 +6916,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -6839,8 +6984,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -6948,8 +7093,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7010,8 +7155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7102,8 +7247,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7172,8 +7317,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7270,8 +7415,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7332,8 +7477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7399,6 +7544,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4f25e605e90924ecad459e15c823be698a9bd276d9ae1fd16b8c301c3e38c09e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -7424,8 +7709,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7485,8 +7770,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7933,87 +8218,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.10.md b/docs/security/agent/grype-25.10.10.md index 574ba85..3c7f7a2 100644 --- a/docs/security/agent/grype-25.10.10.md +++ b/docs/security/agent/grype-25.10.10.md @@ -5,14 +5,15 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | fluent-bit | 25.10.10 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.10 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -21,12 +22,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-14.el9_7 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.2.json b/docs/security/agent/grype-25.10.2.json index 9124244..47b37b1 100644 --- a/docs/security/agent/grype-25.10.2.json +++ b/docs/security/agent/grype-25.10.2.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4e593a36aa3de2f407e5210f48834c898ea266942b6f00e87e00bf330c17f0d3", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:4e593a36aa3de2f407e5210f48834c898ea266942b6f00e87e00bf330c17f0d3", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:4e593a36aa3de2f407e5210f48834c898ea266942b6f00e87e00bf330c17f0d3", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4e593a36aa3de2f407e5210f48834c898ea266942b6f00e87e00bf330c17f0d3", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4e593a36aa3de2f407e5210f48834c898ea266942b6f00e87e00bf330c17f0d3", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:4e593a36aa3de2f407e5210f48834c898ea266942b6f00e87e00bf330c17f0d3", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.2.md b/docs/security/agent/grype-25.10.2.md index dede08d..bb5ca43 100644 --- a/docs/security/agent/grype-25.10.2.md +++ b/docs/security/agent/grype-25.10.2.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.2 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.3.json b/docs/security/agent/grype-25.10.3.json index 3678d83..0a18cf5 100644 --- a/docs/security/agent/grype-25.10.3.json +++ b/docs/security/agent/grype-25.10.3.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8d3b97ee3d08a8955aee847c7fc620fb83979c0b0c17b3e0b0cf9da11df6b858", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:8d3b97ee3d08a8955aee847c7fc620fb83979c0b0c17b3e0b0cf9da11df6b858", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:8d3b97ee3d08a8955aee847c7fc620fb83979c0b0c17b3e0b0cf9da11df6b858", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8d3b97ee3d08a8955aee847c7fc620fb83979c0b0c17b3e0b0cf9da11df6b858", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8d3b97ee3d08a8955aee847c7fc620fb83979c0b0c17b3e0b0cf9da11df6b858", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8d3b97ee3d08a8955aee847c7fc620fb83979c0b0c17b3e0b0cf9da11df6b858", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.3.md b/docs/security/agent/grype-25.10.3.md index 6060ca3..eac1d0a 100644 --- a/docs/security/agent/grype-25.10.3.md +++ b/docs/security/agent/grype-25.10.3.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.3 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.4.json b/docs/security/agent/grype-25.10.4.json index fbe4192..92a3c77 100644 --- a/docs/security/agent/grype-25.10.4.json +++ b/docs/security/agent/grype-25.10.4.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7b91f9287059b3a8d7e313ce93791f4ea8c984401f1e1d0b066bd5a9785e2f6a", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:7b91f9287059b3a8d7e313ce93791f4ea8c984401f1e1d0b066bd5a9785e2f6a", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:7b91f9287059b3a8d7e313ce93791f4ea8c984401f1e1d0b066bd5a9785e2f6a", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7b91f9287059b3a8d7e313ce93791f4ea8c984401f1e1d0b066bd5a9785e2f6a", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7b91f9287059b3a8d7e313ce93791f4ea8c984401f1e1d0b066bd5a9785e2f6a", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7b91f9287059b3a8d7e313ce93791f4ea8c984401f1e1d0b066bd5a9785e2f6a", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.4.md b/docs/security/agent/grype-25.10.4.md index 7a40485..8715fae 100644 --- a/docs/security/agent/grype-25.10.4.md +++ b/docs/security/agent/grype-25.10.4.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.3 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.5.json b/docs/security/agent/grype-25.10.5.json index 6beeb0f..822c57e 100644 --- a/docs/security/agent/grype-25.10.5.json +++ b/docs/security/agent/grype-25.10.5.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c0b601275884eef022e92bfbc297e40f9ca0456c93622c02e860a104516d12fc", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.5.md b/docs/security/agent/grype-25.10.5.md index 27826e1..778c68e 100644 --- a/docs/security/agent/grype-25.10.5.md +++ b/docs/security/agent/grype-25.10.5.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.4 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.6.json b/docs/security/agent/grype-25.10.6.json index 655e61f..84abddf 100644 --- a/docs/security/agent/grype-25.10.6.json +++ b/docs/security/agent/grype-25.10.6.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8523026ac9e053b9cdf90670ff69476eb16d97d29612f03ac381427d8d67a859", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:8523026ac9e053b9cdf90670ff69476eb16d97d29612f03ac381427d8d67a859", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:8523026ac9e053b9cdf90670ff69476eb16d97d29612f03ac381427d8d67a859", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8523026ac9e053b9cdf90670ff69476eb16d97d29612f03ac381427d8d67a859", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8523026ac9e053b9cdf90670ff69476eb16d97d29612f03ac381427d8d67a859", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:8523026ac9e053b9cdf90670ff69476eb16d97d29612f03ac381427d8d67a859", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.6.md b/docs/security/agent/grype-25.10.6.md index 8bbe9f2..78af647 100644 --- a/docs/security/agent/grype-25.10.6.md +++ b/docs/security/agent/grype-25.10.6.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.6 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.7.json b/docs/security/agent/grype-25.10.7.json index 4d9e42e..0eea276 100644 --- a/docs/security/agent/grype-25.10.7.json +++ b/docs/security/agent/grype-25.10.7.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.7.md b/docs/security/agent/grype-25.10.7.md index 9b7492d..6dccf6d 100644 --- a/docs/security/agent/grype-25.10.7.md +++ b/docs/security/agent/grype-25.10.7.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.6 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.8.json b/docs/security/agent/grype-25.10.8.json index 1a93fe9..f98a91d 100644 --- a/docs/security/agent/grype-25.10.8.json +++ b/docs/security/agent/grype-25.10.8.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-14.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "79cdbcbd3d61afd9", + "name": "libxml2", + "version": "2.9.13-14.el9_7", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "eb5d2c76ed21fa8e", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-14.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "79cdbcbd3d61afd9", - "name": "libxml2", - "version": "2.9.13-14.el9_7", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "eb5d2c76ed21fa8e", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3915,8 +3915,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4007,8 +4007,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4073,8 +4073,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4171,8 +4171,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4213,8 +4213,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4264,149 +4264,12 @@ "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:44dcbf71c90c15232bf4b80f56b0f8c466a698e03c94872658fbed89b4aed1c6", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -4422,45 +4285,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4468,28 +4317,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4497,31 +4348,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4529,21 +4366,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -4557,14 +4394,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4599,9 +4447,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -4617,7 +4465,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -4691,9 +4539,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -4709,7 +4557,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -4741,16 +4589,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "bcbac17c560ff49d", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:44dcbf71c90c15232bf4b80f56b0f8c466a698e03c94872658fbed89b4aed1c6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4766,21 +4766,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "bcbac17c560ff49d", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -4794,13 +4794,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4834,8 +4834,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -4971,8 +4971,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5013,8 +5013,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5083,6 +5083,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:44dcbf71c90c15232bf4b80f56b0f8c466a698e03c94872658fbed89b4aed1c6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5108,8 +5253,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,8 +5315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5262,8 +5407,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5315,8 +5460,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5407,8 +5552,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5460,8 +5605,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5563,8 +5708,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5617,8 +5762,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5865,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5786,8 +5931,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5884,8 +6029,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -5946,8 +6091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6038,8 +6183,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6086,8 +6231,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6183,8 +6328,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6231,8 +6376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6328,8 +6473,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6376,8 +6521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6473,8 +6618,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6521,8 +6666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6618,8 +6763,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -6771,8 +6916,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -6839,8 +6984,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -6948,8 +7093,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7010,8 +7155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7102,8 +7247,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7172,8 +7317,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7270,8 +7415,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7332,8 +7477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7399,6 +7544,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:44dcbf71c90c15232bf4b80f56b0f8c466a698e03c94872658fbed89b4aed1c6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -7424,8 +7709,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7485,8 +7770,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7933,87 +8218,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.8.md b/docs/security/agent/grype-25.10.8.md index da51299..d87992c 100644 --- a/docs/security/agent/grype-25.10.8.md +++ b/docs/security/agent/grype-25.10.8.md @@ -5,14 +5,15 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | fluent-bit | 25.10.8 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.8 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -21,12 +22,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-14.el9_7 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.10.9.json b/docs/security/agent/grype-25.10.9.json index 222fe1b..6776a18 100644 --- a/docs/security/agent/grype-25.10.9.json +++ b/docs/security/agent/grype-25.10.9.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "eb5d2c76ed21fa8e", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "eb5d2c76ed21fa8e", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3911,9 +3911,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,7 +3943,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -3986,9 +3986,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4096,8 +4096,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4188,8 +4188,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4254,8 +4254,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4352,8 +4352,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -4426,8 +4426,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -4521,8 +4521,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4563,8 +4563,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4614,149 +4614,12 @@ "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:05848185101d68af072e5c356c3c24b41215a7fd2047ee2965a7b68b89ad9da0", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -4772,45 +4635,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4818,28 +4667,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4847,31 +4698,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4879,21 +4716,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -4907,14 +4744,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4949,9 +4797,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -4967,7 +4815,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5041,9 +4889,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5059,7 +4907,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5091,16 +4939,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "bcbac17c560ff49d", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:05848185101d68af072e5c356c3c24b41215a7fd2047ee2965a7b68b89ad9da0", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5116,21 +5116,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "bcbac17c560ff49d", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5144,13 +5144,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5184,8 +5184,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5226,8 +5226,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5321,8 +5321,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5363,8 +5363,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5433,6 +5433,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:05848185101d68af072e5c356c3c24b41215a7fd2047ee2965a7b68b89ad9da0", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5458,8 +5603,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5520,8 +5665,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5612,8 +5757,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5665,8 +5810,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5757,8 +5902,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5810,8 +5955,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5913,8 +6058,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5967,8 +6112,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6070,8 +6215,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6136,8 +6281,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6234,8 +6379,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6296,8 +6441,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6388,8 +6533,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6436,8 +6581,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6533,8 +6678,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6581,8 +6726,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6678,8 +6823,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6726,8 +6871,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6823,8 +6968,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6871,8 +7016,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6968,8 +7113,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7029,8 +7174,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7121,8 +7266,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7189,8 +7334,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7298,8 +7443,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7360,8 +7505,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7452,8 +7597,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7522,8 +7667,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7620,8 +7765,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7682,8 +7827,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7749,6 +7894,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:05848185101d68af072e5c356c3c24b41215a7fd2047ee2965a7b68b89ad9da0", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -7774,8 +8059,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7835,8 +8120,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8283,87 +8568,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.10.9.md b/docs/security/agent/grype-25.10.9.md index 718c2cd..494facc 100644 --- a/docs/security/agent/grype-25.10.9.md +++ b/docs/security/agent/grype-25.10.9.md @@ -5,6 +5,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-55.el9_7.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -12,9 +13,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.9 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -23,12 +24,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.11.1.json b/docs/security/agent/grype-25.11.1.json index 9e787ea..f3fc684 100644 --- a/docs/security/agent/grype-25.11.1.json +++ b/docs/security/agent/grype-25.11.1.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:78869548a5a4ddb038886aeab1fbb33a5a3575f0e4f76e1e6adb3ea9e0e7712e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:78869548a5a4ddb038886aeab1fbb33a5a3575f0e4f76e1e6adb3ea9e0e7712e", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:78869548a5a4ddb038886aeab1fbb33a5a3575f0e4f76e1e6adb3ea9e0e7712e", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:78869548a5a4ddb038886aeab1fbb33a5a3575f0e4f76e1e6adb3ea9e0e7712e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:78869548a5a4ddb038886aeab1fbb33a5a3575f0e4f76e1e6adb3ea9e0e7712e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:78869548a5a4ddb038886aeab1fbb33a5a3575f0e4f76e1e6adb3ea9e0e7712e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.11.1.md b/docs/security/agent/grype-25.11.1.md index c077622..ed5b35e 100644 --- a/docs/security/agent/grype-25.11.1.md +++ b/docs/security/agent/grype-25.11.1.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.11.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.11.2.json b/docs/security/agent/grype-25.11.2.json index bcaf1c7..a0b3085 100644 --- a/docs/security/agent/grype-25.11.2.json +++ b/docs/security/agent/grype-25.11.2.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ed669223edf4757e6a2b20405401e31a33f922ef936c50fba7d8971d4ddc7c38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,87 +9280,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.11.2.md b/docs/security/agent/grype-25.11.2.md index ca287ec..1d61352 100644 --- a/docs/security/agent/grype-25.11.2.md +++ b/docs/security/agent/grype-25.11.2.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.11.2 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.12.1.json b/docs/security/agent/grype-25.12.1.json index c50fbc5..e6601c2 100644 --- a/docs/security/agent/grype-25.12.1.json +++ b/docs/security/agent/grype-25.12.1.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-14.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "a840257087cebda4", + "name": "libxml2", + "version": "2.9.13-14.el9_7", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "211bc8dbb2d0cae8", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-14.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "a840257087cebda4", - "name": "libxml2", - "version": "2.9.13-14.el9_7", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "211bc8dbb2d0cae8", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3911,9 +3911,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,7 +3943,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -3986,9 +3986,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4081,9 +4081,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4113,7 +4113,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4156,9 +4156,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4262,9 +4262,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4294,7 +4294,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4337,9 +4337,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,9 +4443,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4475,7 +4475,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4518,9 +4518,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4632,8 +4632,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4724,8 +4724,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4790,8 +4790,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4888,8 +4888,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4930,8 +4930,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4983,147 +4983,10 @@ "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:07199ce67b312abed6bc1e4846c6365a46a7d9e0845580a5cdeddd347876535e", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -5139,45 +5002,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5185,28 +5034,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5214,31 +5065,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5246,21 +5083,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "df491715ef44a4eb", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -5274,14 +5111,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5316,9 +5164,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5334,7 +5182,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5408,9 +5256,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5426,7 +5274,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5458,16 +5306,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "7ee51647563bc9b1", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:07199ce67b312abed6bc1e4846c6365a46a7d9e0845580a5cdeddd347876535e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5483,21 +5483,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7ee51647563bc9b1", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "df491715ef44a4eb", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5511,13 +5511,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5551,8 +5551,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5593,8 +5593,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5688,8 +5688,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5730,8 +5730,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5800,6 +5800,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:07199ce67b312abed6bc1e4846c6365a46a7d9e0845580a5cdeddd347876535e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5825,8 +5970,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5887,8 +6032,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5979,8 +6124,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6032,8 +6177,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6124,8 +6269,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6177,8 +6322,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6280,8 +6425,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6334,8 +6479,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6437,8 +6582,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6503,8 +6648,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6601,8 +6746,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6663,8 +6808,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6755,8 +6900,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6803,8 +6948,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6900,8 +7045,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6948,8 +7093,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7045,8 +7190,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7093,8 +7238,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7190,8 +7335,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7238,8 +7383,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7335,8 +7480,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7383,8 +7528,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7480,8 +7625,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7528,8 +7673,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7626,8 +7771,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7674,8 +7819,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7781,8 +7926,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7842,8 +7987,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7934,8 +8079,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8002,8 +8147,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8111,8 +8256,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8173,8 +8318,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8265,8 +8410,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8335,8 +8480,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8433,8 +8578,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8495,8 +8640,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8562,6 +8707,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:07199ce67b312abed6bc1e4846c6365a46a7d9e0845580a5cdeddd347876535e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8587,8 +8872,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8648,8 +8933,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8740,8 +9025,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8800,8 +9085,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -9249,87 +9534,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.12.1.md b/docs/security/agent/grype-25.12.1.md index 4887e41..fcc7e9f 100644 --- a/docs/security/agent/grype-25.12.1.md +++ b/docs/security/agent/grype-25.12.1.md @@ -5,6 +5,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd | 252-55.el9_7.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -14,9 +15,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | fluent-bit | 25.12.1 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.12.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -28,12 +29,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux-core | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-14.el9_7 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.12.2.json b/docs/security/agent/grype-25.12.2.json index b9509a7..400b2f4 100644 --- a/docs/security/agent/grype-25.12.2.json +++ b/docs/security/agent/grype-25.12.2.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-14.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "a840257087cebda4", + "name": "libxml2", + "version": "2.9.13-14.el9_7", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "211bc8dbb2d0cae8", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-14.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "a840257087cebda4", - "name": "libxml2", - "version": "2.9.13-14.el9_7", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "211bc8dbb2d0cae8", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3915,8 +3915,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4007,8 +4007,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4073,8 +4073,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4171,8 +4171,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4213,8 +4213,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4266,147 +4266,10 @@ "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:c26e32c0ff010e0f1b0d2c9ac7c2326bbde361e1c5298bd342fbf2889a495df7", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -4422,45 +4285,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4468,28 +4317,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4497,31 +4348,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4529,21 +4366,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "df491715ef44a4eb", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -4557,14 +4394,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4599,9 +4447,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -4617,7 +4465,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -4691,9 +4539,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -4709,7 +4557,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -4741,16 +4589,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "7ee51647563bc9b1", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c26e32c0ff010e0f1b0d2c9ac7c2326bbde361e1c5298bd342fbf2889a495df7", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4766,21 +4766,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7ee51647563bc9b1", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "df491715ef44a4eb", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -4794,13 +4794,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4834,8 +4834,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -4971,8 +4971,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5013,8 +5013,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5083,6 +5083,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c26e32c0ff010e0f1b0d2c9ac7c2326bbde361e1c5298bd342fbf2889a495df7", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5108,8 +5253,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,8 +5315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5262,8 +5407,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5315,8 +5460,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5407,8 +5552,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5460,8 +5605,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5563,8 +5708,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5617,8 +5762,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5865,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5786,8 +5931,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5884,8 +6029,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -5946,8 +6091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6038,8 +6183,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6086,8 +6231,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6183,8 +6328,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6231,8 +6376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6328,8 +6473,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6376,8 +6521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6473,8 +6618,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6521,8 +6666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6618,8 +6763,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6666,8 +6811,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6763,8 +6908,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6811,8 +6956,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +7054,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6957,8 +7102,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7064,8 +7209,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7125,8 +7270,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7217,8 +7362,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7285,8 +7430,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7394,8 +7539,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7456,8 +7601,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7548,8 +7693,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7618,8 +7763,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7716,8 +7861,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7778,8 +7923,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7845,6 +7990,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:c26e32c0ff010e0f1b0d2c9ac7c2326bbde361e1c5298bd342fbf2889a495df7", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -7870,8 +8155,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7931,8 +8216,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8023,8 +8308,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8083,8 +8368,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8532,87 +8817,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.12.2.md b/docs/security/agent/grype-25.12.2.md index 1229597..346ea9c 100644 --- a/docs/security/agent/grype-25.12.2.md +++ b/docs/security/agent/grype-25.12.2.md @@ -5,14 +5,15 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | fluent-bit | 25.12.2 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.12.2 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -24,12 +25,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux-core | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-14.el9_7 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.12.3.json b/docs/security/agent/grype-25.12.3.json index 3d2efe7..d190acc 100644 --- a/docs/security/agent/grype-25.12.3.json +++ b/docs/security/agent/grype-25.12.3.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-14.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "a840257087cebda4", + "name": "libxml2", + "version": "2.9.13-14.el9_7", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "211bc8dbb2d0cae8", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-14.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "a840257087cebda4", - "name": "libxml2", - "version": "2.9.13-14.el9_7", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "211bc8dbb2d0cae8", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3915,8 +3915,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4007,8 +4007,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4073,8 +4073,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4171,8 +4171,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4213,8 +4213,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4266,147 +4266,10 @@ "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:771008481a6efa7a4d1936ad1afbca78a04f051b6e1cab77ef42394b57afb85c", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -4422,45 +4285,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4468,28 +4317,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4497,31 +4348,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4529,21 +4366,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "df491715ef44a4eb", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -4557,14 +4394,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4599,9 +4447,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -4617,7 +4465,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -4691,9 +4539,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -4709,7 +4557,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -4741,16 +4589,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "7ee51647563bc9b1", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:771008481a6efa7a4d1936ad1afbca78a04f051b6e1cab77ef42394b57afb85c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4766,21 +4766,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7ee51647563bc9b1", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "df491715ef44a4eb", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -4794,13 +4794,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4834,8 +4834,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -4971,8 +4971,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5013,8 +5013,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5083,6 +5083,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:771008481a6efa7a4d1936ad1afbca78a04f051b6e1cab77ef42394b57afb85c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5108,8 +5253,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,8 +5315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5262,8 +5407,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5315,8 +5460,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5407,8 +5552,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5460,8 +5605,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5563,8 +5708,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5617,8 +5762,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5865,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5786,8 +5931,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5884,8 +6029,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -5946,8 +6091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6038,8 +6183,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6086,8 +6231,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6183,8 +6328,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6231,8 +6376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6328,8 +6473,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6376,8 +6521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6473,8 +6618,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6521,8 +6666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6618,8 +6763,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6666,8 +6811,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6763,8 +6908,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6811,8 +6956,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +7054,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6957,8 +7102,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7064,8 +7209,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7125,8 +7270,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7217,8 +7362,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7285,8 +7430,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7394,8 +7539,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7456,8 +7601,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7548,8 +7693,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7618,8 +7763,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7716,8 +7861,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7778,8 +7923,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7845,6 +7990,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:771008481a6efa7a4d1936ad1afbca78a04f051b6e1cab77ef42394b57afb85c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -7870,8 +8155,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7931,8 +8216,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8023,8 +8308,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8083,8 +8368,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8532,87 +8817,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.12.3.md b/docs/security/agent/grype-25.12.3.md index 99dae9a..546f635 100644 --- a/docs/security/agent/grype-25.12.3.md +++ b/docs/security/agent/grype-25.12.3.md @@ -5,14 +5,15 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | fluent-bit | 25.12.3 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.12.3 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -24,12 +25,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux-core | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-14.el9_7 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.12.4.json b/docs/security/agent/grype-25.12.4.json index 3ac2228..84ea445 100644 --- a/docs/security/agent/grype-25.12.4.json +++ b/docs/security/agent/grype-25.12.4.json @@ -25,8 +25,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -104,8 +104,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -185,20 +185,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -206,45 +206,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -255,16 +262,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -281,21 +288,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "1:3.5.1-4.el9_7" + "name": "libxml2", + "version": "0:2.9.13-14.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "25e16a00909d33d5", - "name": "openssl", - "version": "1:3.5.1-4.el9_7", + "id": "a840257087cebda4", + "name": "libxml2", + "version": "2.9.13-14.el9_7", "type": "rpm", "locations": [ { @@ -309,105 +316,122 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -422,21 +446,21 @@ "version": "9.7" }, "package": { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "9620df42e45abf0c", - "name": "openssl-libs", - "version": "1:3.5.1-4.el9_7", + "id": "211bc8dbb2d0cae8", + "name": "curl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -450,67 +474,67 @@ ], "language": "", "licenses": [ - "Apache-2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.5.1-4.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -518,62 +542,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -581,21 +615,21 @@ "version": "9.7" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-14.el9_7" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "a840257087cebda4", - "name": "libxml2", - "version": "2.9.13-14.el9_7", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -612,11 +646,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-14.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-14.el9_7?arch=x86_64&distro=rhel-9.7&upstream=libxml2-2.9.13-14.el9_7.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -626,112 +671,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -739,21 +767,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "1:3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "211bc8dbb2d0cae8", - "name": "curl-minimal", - "version": "7.76.1-34.el9", + "id": "25e16a00909d33d5", + "name": "openssl", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -767,133 +795,105 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -908,21 +908,21 @@ "version": "9.7" }, "package": { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", + "id": "9620df42e45abf0c", + "name": "openssl-libs", + "version": "1:3.5.1-4.el9_7", "type": "rpm", "locations": [ { @@ -936,28 +936,28 @@ ], "language": "", "licenses": [ - "MIT" + "Apache-2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.5.1-4.el9_7:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.5.1-4.el9_7?arch=x86_64&distro=rhel-9.7&epoch=1&upstream=openssl-3.5.1-4.el9_7.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-34.el9" + "name": "openssl", + "version": "3.5.1-4.el9_7" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -988,7 +988,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1059,7 +1059,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1233,7 +1233,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1335,8 +1335,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1380,8 +1380,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1475,8 +1475,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1520,8 +1520,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1615,8 +1615,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1754,9 +1754,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1778,7 +1778,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1821,9 +1821,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1920,8 +1920,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -1995,8 +1995,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2093,8 +2093,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2189,8 +2189,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2293,8 +2293,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2352,8 +2352,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2444,8 +2444,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2503,8 +2503,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2606,8 +2606,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2656,8 +2656,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2748,8 +2748,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2797,8 +2797,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2889,8 +2889,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3029,8 +3029,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3077,8 +3077,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3180,8 +3180,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3223,8 +3223,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3318,8 +3318,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3361,8 +3361,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3456,8 +3456,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3504,8 +3504,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3596,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3657,8 +3657,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3754,8 +3754,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3815,8 +3815,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -3915,8 +3915,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4007,8 +4007,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4073,8 +4073,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4171,8 +4171,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4213,8 +4213,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4266,147 +4266,10 @@ "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-34.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.7" - }, - "package": { - "name": "curl", - "version": "7.76.1-34.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "dbb58be7b5652cc7", - "name": "libcurl-minimal", - "version": "7.76.1-34.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:20019d6d5374cf6805f69cd0761e791a84ba0a723a25b5b7e78bc179cb09ede1", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:curl:curl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", "upstreams": [ { "name": "curl", @@ -4422,45 +4285,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4468,28 +4317,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4497,31 +4348,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4529,21 +4366,21 @@ "version": "9.7" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-34.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "df491715ef44a4eb", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "dbb58be7b5652cc7", + "name": "libcurl-minimal", + "version": "7.76.1-34.el9", "type": "rpm", "locations": [ { @@ -4557,14 +4394,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-34.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-34.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-34.el9?arch=x86_64&distro=rhel-9.7&upstream=curl-7.76.1-34.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-34.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4599,9 +4447,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -4617,7 +4465,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -4691,9 +4539,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -4709,7 +4557,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -4741,16 +4589,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-18.el9_7" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "7ee51647563bc9b1", + "name": "glib2", + "version": "2.68.4-18.el9_7", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:20019d6d5374cf6805f69cd0761e791a84ba0a723a25b5b7e78bc179cb09ede1", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4766,21 +4766,21 @@ "version": "9.7" }, "package": { - "name": "glib2", - "version": "0:2.68.4-18.el9_7" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7ee51647563bc9b1", - "name": "glib2", - "version": "2.68.4-18.el9_7", + "id": "df491715ef44a4eb", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -4794,13 +4794,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-18.el9_7:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-18.el9_7?arch=x86_64&distro=rhel-9.7&upstream=glib2-2.68.4-18.el9_7.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.7&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4834,8 +4834,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -4971,8 +4971,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5013,8 +5013,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -5083,6 +5083,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:20019d6d5374cf6805f69cd0761e791a84ba0a723a25b5b7e78bc179cb09ede1", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -5108,8 +5253,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,8 +5315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -5262,8 +5407,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5315,8 +5460,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5407,8 +5552,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5460,8 +5605,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5563,8 +5708,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5617,8 +5762,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5865,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5786,8 +5931,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -5884,8 +6029,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -5946,8 +6091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -6038,8 +6183,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6086,8 +6231,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6183,8 +6328,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6231,8 +6376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6328,8 +6473,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6376,8 +6521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6473,8 +6618,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6521,8 +6666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6618,8 +6763,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6666,8 +6811,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6763,8 +6908,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6811,8 +6956,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +7054,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -6957,8 +7102,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7064,8 +7209,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7125,8 +7270,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7217,8 +7362,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7285,8 +7430,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7394,8 +7539,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7456,8 +7601,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -7548,8 +7693,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7618,8 +7763,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -7716,8 +7861,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7778,8 +7923,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -7845,6 +7990,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.7" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:20019d6d5374cf6805f69cd0761e791a84ba0a723a25b5b7e78bc179cb09ede1", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.7&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -7870,8 +8155,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -7931,8 +8216,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8023,8 +8308,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8083,8 +8368,8 @@ { "cve": "CVE-2025-66382", "epss": 0.00013, - "percentile": 0.01611, - "date": "2025-12-22" + "percentile": 0.01603, + "date": "2025-12-29" } ], "cwes": [ @@ -8532,87 +8817,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.12.4.md b/docs/security/agent/grype-25.12.4.md index 332b13e..95427a5 100644 --- a/docs/security/agent/grype-25.12.4.md +++ b/docs/security/agent/grype-25.12.4.md @@ -5,14 +5,15 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | fluent-bit | 25.12.4 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.12.4 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-18.el9_7 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -24,12 +25,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | util-linux-core | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-14.el9_7 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.5.1-4.el9_7 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-34.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-34.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.7.1.json b/docs/security/agent/grype-25.7.1.json index b37388a..f26700e 100644 --- a/docs/security/agent/grype-25.7.1.json +++ b/docs/security/agent/grype-25.7.1.json @@ -2,101 +2,104 @@ "matches": [ { "vulnerability": { - "id": "CVE-2024-56433", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-56433", + "id": "CVE-2024-52533", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-52533", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", + "description": "A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "metrics": { - "baseScore": 3.6, - "exploitabilityScore": 1.1, - "impactScore": 2.6 + "baseScore": 7, + "exploitabilityScore": 2.3, + "impactScore": 4.8 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-56433", - "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "cve": "CVE-2024-52533", + "epss": 0.03174, + "percentile": 0.86532, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-56433", - "cwe": "CWE-1188", - "source": "cve@mitre.org", + "cve": "CVE-2024-52533", + "cwe": "CWE-120", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [ - "2:4.9-15.el9" + "0:2.68.4-16.el9_6.2" ], "state": "fixed", "available": [ { - "version": "2:4.9-15.el9", - "date": "2025-11-12", + "version": "0:2.68.4-16.el9_6.2", + "date": "2025-07-16", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:20559", - "link": "https://access.redhat.com/errata/RHSA-2025:20559" + "id": "RHSA-2025:11140", + "link": "https://access.redhat.com/errata/RHSA-2025:11140" } ], - "risk": 1.6744199999999998 + "risk": 1.9043999999999999 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-56433", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", + "id": "CVE-2024-52533", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-52533", "namespace": "nvd:cpe", - "severity": "Low", + "severity": "Critical", "urls": [ - "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", - "https://github.com/shadow-maint/shadow/issues/1157", - "https://github.com/shadow-maint/shadow/releases/tag/4.4" + "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", + "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", + "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", + "http://www.openwall.com/lists/oss-security/2024/11/12/11", + "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", + "https://security.netapp.com/advisory/ntap-20241206-0009/" ], - "description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", + "description": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "cvss": [ { - "source": "cve@mitre.org", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 3.6, - "exploitabilityScore": 1.1, - "impactScore": 2.6 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-56433", - "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "cve": "CVE-2024-52533", + "epss": 0.03174, + "percentile": 0.86532, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-56433", - "cwe": "CWE-1188", - "source": "cve@mitre.org", + "cve": "CVE-2024-52533", + "cwe": "CWE-120", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -112,24 +115,24 @@ "version": "9.6" }, "package": { - "name": "shadow-utils", - "version": "2:4.9-12.el9" + "name": "glib2", + "version": "0:2.68.4-16.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-56433", - "versionConstraint": "< 2:4.9-15.el9 (rpm)" + "vulnerabilityID": "CVE-2024-52533", + "versionConstraint": "< 0:2.68.4-16.el9_6.2 (rpm)" }, "fix": { - "suggestedVersion": "2:4.9-15.el9" + "suggestedVersion": "0:2.68.4-16.el9_6.2" } } ], "artifact": { - "id": "a13525dc6156c86d", - "name": "shadow-utils", - "version": "2:4.9-12.el9", + "id": "04574712e6ead30e", + "name": "glib2", + "version": "2.68.4-16.el9", "type": "rpm", "locations": [ { @@ -143,127 +146,118 @@ ], "language": "", "licenses": [ - "BSD and GPLv2+" + "LGPLv2+" ], "cpes": [ - "cpe:2.3:a:shadow-utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow-utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow_utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow_utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64&distro=rhel-9.6&epoch=2&upstream=shadow-utils-4.9-12.el9.src.rpm", + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 2, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-52533", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-52533", + "id": "CVE-2024-56433", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-56433", "namespace": "redhat:distro:redhat:9", - "severity": "Medium", + "severity": "Low", "urls": [], - "description": "A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior.", + "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "metrics": { - "baseScore": 7, - "exploitabilityScore": 2.3, - "impactScore": 4.8 + "baseScore": 3.6, + "exploitabilityScore": 1.1, + "impactScore": 2.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-52533", - "epss": 0.02743, - "percentile": 0.85518, - "date": "2025-12-22" + "cve": "CVE-2024-56433", + "epss": 0.05074, + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-52533", - "cwe": "CWE-120", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2024-56433", + "cwe": "CWE-1188", + "source": "cve@mitre.org", "type": "Secondary" } ], "fix": { "versions": [ - "0:2.68.4-16.el9_6.2" + "2:4.9-15.el9" ], "state": "fixed", "available": [ { - "version": "0:2.68.4-16.el9_6.2", - "date": "2025-07-16", + "version": "2:4.9-15.el9", + "date": "2025-11-12", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:11140", - "link": "https://access.redhat.com/errata/RHSA-2025:11140" + "id": "RHSA-2025:20559", + "link": "https://access.redhat.com/errata/RHSA-2025:20559" } ], - "risk": 1.6458 + "risk": 1.6744199999999998 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-52533", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-52533", + "id": "CVE-2024-56433", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "Low", "urls": [ - "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", - "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", - "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", - "http://www.openwall.com/lists/oss-security/2024/11/12/11", - "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", - "https://security.netapp.com/advisory/ntap-20241206-0009/" + "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", + "https://github.com/shadow-maint/shadow/issues/1157", + "https://github.com/shadow-maint/shadow/releases/tag/4.4" ], - "description": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", + "description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "source": "cve@mitre.org", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "metrics": { - "baseScore": 9.8, - "exploitabilityScore": 3.9, - "impactScore": 5.9 + "baseScore": 3.6, + "exploitabilityScore": 1.1, + "impactScore": 2.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-52533", - "epss": 0.02743, - "percentile": 0.85518, - "date": "2025-12-22" + "cve": "CVE-2024-56433", + "epss": 0.05074, + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-52533", - "cwe": "CWE-120", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2024-56433", + "cwe": "CWE-1188", + "source": "cve@mitre.org", "type": "Secondary" } ] @@ -279,24 +273,24 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9" + "name": "shadow-utils", + "version": "2:4.9-12.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-52533", - "versionConstraint": "< 0:2.68.4-16.el9_6.2 (rpm)" + "vulnerabilityID": "CVE-2024-56433", + "versionConstraint": "< 2:4.9-15.el9 (rpm)" }, "fix": { - "suggestedVersion": "0:2.68.4-16.el9_6.2" + "suggestedVersion": "2:4.9-15.el9" } } ], "artifact": { - "id": "04574712e6ead30e", - "name": "glib2", - "version": "2.68.4-16.el9", + "id": "a13525dc6156c86d", + "name": "shadow-utils", + "version": "2:4.9-12.el9", "type": "rpm", "locations": [ { @@ -310,17 +304,23 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD and GPLv2+" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:shadow-utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow-utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow_utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow_utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", + "purl": "pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64&distro=rhel-9.6&epoch=2&upstream=shadow-utils-4.9-12.el9.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 2, "modularityLabel": "" } } @@ -350,8 +350,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -429,8 +429,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -510,20 +510,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -531,45 +531,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -580,16 +587,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -606,21 +613,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -634,105 +641,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -747,21 +771,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "6b7ebba723f3d1d6", + "name": "curl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -775,67 +799,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -843,62 +867,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -906,21 +940,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "b20b4850f0fa0e54", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -937,126 +971,120 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -1064,21 +1092,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "6b7ebba723f3d1d6", - "name": "curl-minimal", - "version": "7.76.1-31.el9", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1092,133 +1120,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1233,21 +1233,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "b20b4850f0fa0e54", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1261,28 +1261,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1313,7 +1313,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1384,7 +1384,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1487,7 +1487,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1558,7 +1558,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1660,8 +1660,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1705,8 +1705,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1800,8 +1800,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1845,8 +1845,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1940,8 +1940,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1988,8 +1988,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -2080,8 +2080,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2164,8 +2164,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2258,9 +2258,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2282,7 +2282,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2325,9 +2325,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2424,8 +2424,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2508,8 +2508,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2603,8 +2603,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2678,8 +2678,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2776,8 +2776,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2872,8 +2872,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2976,8 +2976,8 @@ { "cve": "CVE-2025-4373", "epss": 0.00119, - "percentile": 0.31637, - "date": "2025-12-22" + "percentile": 0.31574, + "date": "2025-12-29" } ], "cwes": [ @@ -3051,8 +3051,8 @@ { "cve": "CVE-2025-4373", "epss": 0.00119, - "percentile": 0.31637, - "date": "2025-12-22" + "percentile": 0.31574, + "date": "2025-12-29" } ], "cwes": [ @@ -3146,8 +3146,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -3218,8 +3218,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -3313,8 +3313,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3372,8 +3372,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3464,8 +3464,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3523,8 +3523,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3626,8 +3626,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3696,8 +3696,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3791,8 +3791,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3892,8 +3892,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3964,87 +3964,140 @@ }, { "vulnerability": { - "id": "CVE-2025-4207", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-4207", + "id": "CVE-2022-29458", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", "namespace": "redhat:distro:redhat:9", - "severity": "Medium", + "severity": "Low", "urls": [], - "description": "A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, + "baseScore": 6.1, + "exploitabilityScore": 1.9, + "impactScore": 4.3 + }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:6.2-10.20210508.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:6.2-10.20210508.el9_6.2", + "date": "2025-08-06", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.036515 + "advisories": [ + { + "id": "RHSA-2025:12876", + "link": "https://access.redhat.com/errata/RHSA-2025:12876" + } + ], + "risk": 0.03685499999999999 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-4207", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "id": "CVE-2022-29458", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-4207/", - "http://www.openwall.com/lists/oss-security/2025/05/09/3", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + "http://seclists.org/fulldisclosure/2022/Oct/28", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://support.apple.com/kb/HT213488" ], - "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "metrics": { + "baseScore": 5.8, + "exploitabilityScore": 8.6, + "impactScore": 5 + }, + "vendorMetadata": {} + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4052,7 +4105,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4060,21 +4113,24 @@ "version": "9.6" }, "package": { - "name": "libpq", - "version": "0:13.20-1.el9_5" + "name": "ncurses", + "version": "6.2-10.20210508.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-4207", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2022-29458", + "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:6.2-10.20210508.el9_6.2" } } ], "artifact": { - "id": "9e9440b1f6d978f7", - "name": "libpq", - "version": "13.20-1.el9_5", + "id": "f866293dd48b75b0", + "name": "ncurses-base", + "version": "6.2-10.20210508.el9", "type": "rpm", "locations": [ { @@ -4088,14 +4144,25 @@ ], "language": "", "licenses": [ - "PostgreSQL" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + "cpe:2.3:a:ncurses-base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses-base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "upstreams": [ + { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + } ], - "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4105,20 +4172,228 @@ }, { "vulnerability": { - "id": "CVE-2025-12818", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-12818", + "id": "CVE-2022-29458", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "namespace": "redhat:distro:redhat:9", + "severity": "Low", + "urls": [], + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "metrics": { + "baseScore": 6.1, + "exploitabilityScore": 1.9, + "impactScore": 4.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:6.2-10.20210508.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:6.2-10.20210508.el9_6.2", + "date": "2025-08-06", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:12876", + "link": "https://access.redhat.com/errata/RHSA-2025:12876" + } + ], + "risk": 0.03685499999999999 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2022-29458", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "http://seclists.org/fulldisclosure/2022/Oct/28", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://support.apple.com/kb/HT213488" + ], + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "metrics": { + "baseScore": 5.8, + "exploitabilityScore": 8.6, + "impactScore": 5 + }, + "vendorMetadata": {} + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2022-29458", + "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + } + } + ], + "artifact": { + "id": "f3ef10418ec3cca6", + "name": "ncurses-libs", + "version": "6.2-10.20210508.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:9f0b79be8c39d3327229ddefe91179edad3699b9049708d43623f4203b3b67fb", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "MIT" + ], + "cpes": [ + "cpe:2.3:a:ncurses-libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses-libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "upstreams": [ + { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-4207", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-4207", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.", + "description": "A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, + "baseScore": 5.9, + "exploitabilityScore": 2.3, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4126,16 +4401,16 @@ ], "epss": [ { - "cve": "CVE-2025-12818", - "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-12818", - "cwe": "CWE-190", + "cve": "CVE-2025-4207", + "cwe": "CWE-126", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } @@ -4145,18 +4420,20 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.035625000000000004 + "risk": 0.036515 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-12818", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818", + "id": "CVE-2025-4207", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", "namespace": "nvd:cpe", "severity": "Medium", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-12818/" + "https://www.postgresql.org/support/security/CVE-2025-4207/", + "http://www.openwall.com/lists/oss-security/2025/05/09/3", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" ], - "description": "Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.", + "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", "cvss": [ { "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", @@ -4173,16 +4450,16 @@ ], "epss": [ { - "cve": "CVE-2025-12818", - "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-12818", - "cwe": "CWE-190", + "cve": "CVE-2025-4207", + "cwe": "CWE-126", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } @@ -4205,7 +4482,7 @@ "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-12818", + "vulnerabilityID": "CVE-2025-4207", "versionConstraint": "none (unknown)" } } @@ -4244,96 +4521,123 @@ }, { "vulnerability": { - "id": "CVE-2023-45322", - "dataSource": "https://access.redhat.com/security/cve/CVE-2023-45322", + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "High", "urls": [], - "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2023-45322", - "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2023-45322", - "cwe": "CWE-416", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.03382000000000001 + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2023-45322", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "http://www.openwall.com/lists/oss-security/2023/10/06/5", - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", - "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is \"I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail.\"", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2023-45322", - "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2023-45322", - "cwe": "CWE-416", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4341,21 +4645,24 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "sqlite", + "version": "3.34.1-7.el9_3" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2023-45322", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], - "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "artifact": { + "id": "45f6f999e295a17b", + "name": "sqlite-libs", + "version": "3.34.1-7.el9_3", "type": "rpm", "locations": [ { @@ -4369,14 +4676,25 @@ ], "language": "", "licenses": [ - "MIT" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-7.el9_3?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-7.el9_3.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-7.el9_3" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4386,140 +4704,85 @@ }, { "vulnerability": { - "id": "CVE-2022-29458", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "id": "CVE-2025-12818", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-12818", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.1, - "exploitabilityScore": 1.9, - "impactScore": 4.3 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-12818", + "epss": 0.00057, + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-12818", + "cwe": "CWE-190", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } ], "fix": { - "versions": [ - "0:6.2-10.20210508.el9_6.2" - ], - "state": "fixed", - "available": [ - { - "version": "0:6.2-10.20210508.el9_6.2", - "date": "2025-08-06", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:12876", - "link": "https://access.redhat.com/errata/RHSA-2025:12876" - } - ], - "risk": 0.03094 + "advisories": [], + "risk": 0.035625000000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-29458", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "id": "CVE-2025-12818", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "http://seclists.org/fulldisclosure/2022/Oct/28", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://support.apple.com/kb/HT213488" + "https://www.postgresql.org/support/security/CVE-2025-12818/" ], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.", "cvss": [ { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", - "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 - }, - "vendorMetadata": {} - }, - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", - "metrics": { - "baseScore": 5.8, - "exploitabilityScore": 8.6, - "impactScore": 5 - }, - "vendorMetadata": {} - }, - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-12818", + "epss": 0.00057, + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-12818", + "cwe": "CWE-190", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } ] @@ -4527,7 +4790,7 @@ ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4535,24 +4798,21 @@ "version": "9.6" }, "package": { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "libpq", + "version": "0:13.20-1.el9_5" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-29458", - "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" - }, - "fix": { - "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + "vulnerabilityID": "CVE-2025-12818", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "f866293dd48b75b0", - "name": "ncurses-base", - "version": "6.2-10.20210508.el9", + "id": "9e9440b1f6d978f7", + "name": "libpq", + "version": "13.20-1.el9_5", "type": "rpm", "locations": [ { @@ -4566,25 +4826,14 @@ ], "language": "", "licenses": [ - "MIT" + "PostgreSQL" ], "cpes": [ - "cpe:2.3:a:ncurses-base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses-base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", - "upstreams": [ - { - "name": "ncurses", - "version": "6.2-10.20210508.el9" - } + "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4594,148 +4843,96 @@ }, { "vulnerability": { - "id": "CVE-2022-29458", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "id": "CVE-2023-45322", + "dataSource": "https://access.redhat.com/security/cve/CVE-2023-45322", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.1, - "exploitabilityScore": 1.9, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2023-45322", + "epss": 0.00076, + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", + "cve": "CVE-2023-45322", + "cwe": "CWE-416", "source": "nvd@nist.gov", "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" } ], "fix": { - "versions": [ - "0:6.2-10.20210508.el9_6.2" - ], - "state": "fixed", - "available": [ - { - "version": "0:6.2-10.20210508.el9_6.2", - "date": "2025-08-06", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:12876", - "link": "https://access.redhat.com/errata/RHSA-2025:12876" - } - ], - "risk": 0.03094 + "advisories": [], + "risk": 0.03382000000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-29458", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "id": "CVE-2023-45322", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "http://seclists.org/fulldisclosure/2022/Oct/28", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://support.apple.com/kb/HT213488" - ], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", - "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 - }, - "vendorMetadata": {} - }, + "http://www.openwall.com/lists/oss-security/2023/10/06/5", + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", + "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html" + ], + "description": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is \"I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail.\"", + "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", - "metrics": { - "baseScore": 5.8, - "exploitabilityScore": 8.6, - "impactScore": 5 - }, - "vendorMetadata": {} - }, - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2023-45322", + "epss": 0.00076, + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", + "cve": "CVE-2023-45322", + "cwe": "CWE-416", "source": "nvd@nist.gov", "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4743,24 +4940,21 @@ "version": "9.6" }, "package": { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-29458", - "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" - }, - "fix": { - "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + "vulnerabilityID": "CVE-2023-45322", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "f3ef10418ec3cca6", - "name": "ncurses-libs", - "version": "6.2-10.20210508.el9", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -4777,22 +4971,11 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:ncurses-libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses-libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", - "upstreams": [ - { - "name": "ncurses", - "version": "6.2-10.20210508.el9" - } + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4825,8 +5008,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4874,8 +5057,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4943,59 +5126,79 @@ }, { "vulnerability": { - "id": "CVE-2022-41409", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-41409", + "id": "CVE-2025-32414", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-32414", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", + "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 + "baseScore": 5.6, + "exploitabilityScore": 1.5, + "impactScore": 3.8 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "cve": "CVE-2025-32414", + "epss": 0.00052, + "percentile": 0.16448, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", + "cve": "CVE-2025-32414", + "cwe": "CWE-393", + "source": "cve@mitre.org", + "type": "Secondary" + }, + { + "cve": "CVE-2025-32414", + "cwe": "CWE-252", "source": "nvd@nist.gov", "type": "Primary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:2.9.13-12.el9_6" + ], + "state": "fixed", + "available": [ + { + "version": "0:2.9.13-12.el9_6", + "date": "2025-08-08", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.025315 + "advisories": [ + { + "id": "RHSA-2025:13428", + "link": "https://access.redhat.com/errata/RHSA-2025:13428" + } + ], + "risk": 0.027559999999999998 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", + "id": "CVE-2025-32414", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", + "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html" ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", + "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", "cvss": [ { "source": "nvd@nist.gov", @@ -5008,20 +5211,38 @@ "impactScore": 3.6 }, "vendorMetadata": {} + }, + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "metrics": { + "baseScore": 5.6, + "exploitabilityScore": 1.5, + "impactScore": 3.8 + }, + "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "cve": "CVE-2025-32414", + "epss": 0.00052, + "percentile": 0.16448, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", + "cve": "CVE-2025-32414", + "cwe": "CWE-393", + "source": "cve@mitre.org", + "type": "Secondary" + }, + { + "cve": "CVE-2025-32414", + "cwe": "CWE-252", "source": "nvd@nist.gov", "type": "Primary" } @@ -5038,21 +5259,24 @@ "version": "9.6" }, "package": { - "name": "pcre2", - "version": "0:10.40-6.el9" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-32414", + "versionConstraint": "< 0:2.9.13-12.el9_6 (rpm)" + }, + "fix": { + "suggestedVersion": "0:2.9.13-12.el9_6" } } ], "artifact": { - "id": "d52857c4436af57f", - "name": "pcre2", - "version": "10.40-6.el9", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -5066,13 +5290,13 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:pcre2:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2:10.40-6.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5106,8 +5330,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -5154,8 +5378,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,7 +5394,7 @@ ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5179,7 +5403,7 @@ }, "package": { "name": "pcre2", - "version": "10.40-6.el9" + "version": "0:10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, @@ -5190,8 +5414,8 @@ } ], "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", + "id": "d52857c4436af57f", + "name": "pcre2", "version": "10.40-6.el9", "type": "rpm", "locations": [ @@ -5209,22 +5433,11 @@ "BSD" ], "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } + "cpe:2.3:a:redhat:pcre2:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2:10.40-6.el9:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5234,116 +5447,87 @@ }, { "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-41409", "namespace": "redhat:distro:redhat:9", - "severity": "High", + "severity": "Low", "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] - }, - "advisories": [ + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" + } + ], + "cwes": [ { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], - "risk": 0.02508 + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -5358,24 +5542,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-7.el9_3" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "45f6f999e295a17b", - "name": "sqlite-libs", - "version": "3.34.1-7.el9_3", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -5389,23 +5570,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-7.el9_3?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-7.el9_3.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-7.el9_3" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -5440,8 +5621,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -5483,8 +5664,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -5578,8 +5759,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -5621,8 +5802,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -5716,8 +5897,8 @@ { "cve": "CVE-2025-7425", "epss": 0.0003, - "percentile": 0.08096, - "date": "2025-12-22" + "percentile": 0.08206, + "date": "2025-12-29" } ], "cwes": [ @@ -5812,8 +5993,8 @@ { "cve": "CVE-2025-7425", "epss": 0.0003, - "percentile": 0.08096, - "date": "2025-12-22" + "percentile": 0.08206, + "date": "2025-12-29" } ], "cwes": [ @@ -5907,8 +6088,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -5955,8 +6136,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -6047,8 +6228,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6108,8 +6289,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6194,269 +6375,86 @@ "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-27943", - "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-27943", - "cwe": "CWE-674", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.02125 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-27943", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28995" - ], - "description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", - "metrics": { - "baseScore": 4.3, - "exploitabilityScore": 8.6, - "impactScore": 2.9 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-27943", - "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-27943", - "cwe": "CWE-674", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "gcc", - "version": "11.5.0-5.el9_5" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-27943", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "54d8bbcf6652ae80", - "name": "libstdc++", - "version": "11.5.0-5.el9_5", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:9f0b79be8c39d3327229ddefe91179edad3699b9049708d43623f4203b3b67fb", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD" - ], - "cpes": [ - "cpe:2.3:a:libstdc\\+\\+:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm", - "upstreams": [ - { - "name": "gcc", - "version": "11.5.0-5.el9_5" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-32414", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-32414", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", - "metrics": { - "baseScore": 5.6, - "exploitabilityScore": 1.5, - "impactScore": 3.8 + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32414", - "epss": 0.0004, - "percentile": 0.12058, - "date": "2025-12-22" + "cve": "CVE-2022-27943", + "epss": 0.0005, + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32414", - "cwe": "CWE-393", - "source": "cve@mitre.org", - "type": "Secondary" - }, - { - "cve": "CVE-2025-32414", - "cwe": "CWE-252", + "cve": "CVE-2022-27943", + "cwe": "CWE-674", "source": "nvd@nist.gov", "type": "Primary" } ], "fix": { - "versions": [ - "0:2.9.13-12.el9_6" - ], - "state": "fixed", - "available": [ - { - "version": "0:2.9.13-12.el9_6", - "date": "2025-08-08", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:13428", - "link": "https://access.redhat.com/errata/RHSA-2025:13428" - } - ], - "risk": 0.021200000000000004 + "advisories": [], + "risk": 0.02125 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-32414", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", + "id": "CVE-2022-27943", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", - "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html" + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28995" ], - "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", + "description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} }, { - "source": "cve@mitre.org", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "metrics": { - "baseScore": 5.6, - "exploitabilityScore": 1.5, - "impactScore": 3.8 + "baseScore": 4.3, + "exploitabilityScore": 8.6, + "impactScore": 2.9 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32414", - "epss": 0.0004, - "percentile": 0.12058, - "date": "2025-12-22" + "cve": "CVE-2022-27943", + "epss": 0.0005, + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32414", - "cwe": "CWE-393", - "source": "cve@mitre.org", - "type": "Secondary" - }, - { - "cve": "CVE-2025-32414", - "cwe": "CWE-252", + "cve": "CVE-2022-27943", + "cwe": "CWE-674", "source": "nvd@nist.gov", "type": "Primary" } @@ -6465,7 +6463,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6473,24 +6471,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "gcc", + "version": "11.5.0-5.el9_5" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-32414", - "versionConstraint": "< 0:2.9.13-12.el9_6 (rpm)" - }, - "fix": { - "suggestedVersion": "0:2.9.13-12.el9_6" + "vulnerabilityID": "CVE-2022-27943", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "54d8bbcf6652ae80", + "name": "libstdc++", + "version": "11.5.0-5.el9_5", "type": "rpm", "locations": [ { @@ -6504,14 +6499,19 @@ ], "language": "", "licenses": [ - "MIT" + "GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libstdc\\+\\+:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm", + "upstreams": [ + { + "name": "gcc", + "version": "11.5.0-5.el9_5" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6543,9 +6543,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -6575,7 +6575,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -6618,9 +6618,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -6728,8 +6728,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -6820,8 +6820,8 @@ { "cve": "CVE-2025-32415", "epss": 0.00024, - "percentile": 0.05927, - "date": "2025-12-22" + "percentile": 0.0597, + "date": "2025-12-29" } ], "cwes": [ @@ -6900,8 +6900,8 @@ { "cve": "CVE-2025-32415", "epss": 0.00024, - "percentile": 0.05927, - "date": "2025-12-22" + "percentile": 0.0597, + "date": "2025-12-29" } ], "cwes": [ @@ -7001,8 +7001,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -7067,8 +7067,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -7165,8 +7165,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7241,8 +7241,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7342,8 +7342,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7418,8 +7418,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7530,8 +7530,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -7604,8 +7604,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -7699,8 +7699,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -7741,8 +7741,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -7812,183 +7812,32 @@ } }, { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "b20b4850f0fa0e54", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:9f0b79be8c39d3327229ddefe91179edad3699b9049708d43623f4203b3b67fb", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "vulnerability": { + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -7996,28 +7845,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -8025,31 +7876,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -8057,21 +7894,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-5.el9_6" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "026da1974d66f84e", - "name": "libarchive", - "version": "3.5.3-5.el9_6", + "id": "b20b4850f0fa0e54", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -8085,14 +7922,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -8127,9 +7975,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -8145,7 +7993,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -8219,9 +8067,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -8237,7 +8085,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -8269,16 +8117,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "04574712e6ead30e", + "name": "glib2", + "version": "2.68.4-16.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:9f0b79be8c39d3327229ddefe91179edad3699b9049708d43623f4203b3b67fb", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -8294,21 +8294,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9" + "name": "libarchive", + "version": "0:3.5.3-5.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "04574712e6ead30e", - "name": "glib2", - "version": "2.68.4-16.el9", + "id": "026da1974d66f84e", + "name": "libarchive", + "version": "3.5.3-5.el9_6", "type": "rpm", "locations": [ { @@ -8322,13 +8322,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -8362,8 +8362,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8404,8 +8404,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8499,8 +8499,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8541,8 +8541,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8611,6 +8611,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:9f0b79be8c39d3327229ddefe91179edad3699b9049708d43623f4203b3b67fb", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -8636,8 +8781,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -8698,8 +8843,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -8790,8 +8935,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8843,8 +8988,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8935,8 +9080,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8988,8 +9133,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -9091,8 +9236,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -9145,8 +9290,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -9248,8 +9393,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -9314,8 +9459,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -9412,8 +9557,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -9474,8 +9619,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -9566,8 +9711,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9627,8 +9772,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9722,8 +9867,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9783,8 +9928,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9889,8 +10034,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9950,8 +10095,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -10060,8 +10205,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -10121,8 +10266,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -10231,8 +10376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10279,8 +10424,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10376,8 +10521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10424,8 +10569,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10521,8 +10666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10569,8 +10714,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10666,8 +10811,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10714,8 +10859,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10811,8 +10956,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -10872,8 +11017,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -10964,8 +11109,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -11032,8 +11177,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -11141,8 +11286,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -11203,8 +11348,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -11295,8 +11440,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -11365,8 +11510,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -11463,8 +11608,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -11525,8 +11670,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -11592,6 +11737,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:9f0b79be8c39d3327229ddefe91179edad3699b9049708d43623f4203b3b67fb", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -11617,8 +11902,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -11678,8 +11963,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -12098,87 +12383,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.7.1.md b/docs/security/agent/grype-25.7.1.md index 8e8a828..36f6c42 100644 --- a/docs/security/agent/grype-25.7.1.md +++ b/docs/security/agent/grype-25.7.1.md @@ -8,6 +8,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libarchive | 3.5.3-5.el9_6 | [CVE-2025-5914](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5914) | High | | sqlite-libs | 3.34.1-7.el9_3 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-7425](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7425) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9 | [CVE-2024-52533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533) | Medium | | glib2 | 2.68.4-16.el9 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | @@ -17,8 +18,8 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | gnutls | 3.8.3-6.el9 | [CVE-2025-32989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989) | Medium | | libpq | 13.20-1.el9_5 | [CVE-2025-4207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207) | Medium | | libpq | 13.20-1.el9_5 | [CVE-2025-12818](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818) | Medium | -| glib2 | 2.68.4-16.el9 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-32414](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414) | Medium | +| glib2 | 2.68.4-16.el9 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.1 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | | fluent-bit | 25.7.2 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-32415](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415) | Medium | @@ -27,9 +28,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.7.2 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -42,13 +43,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-10.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | @@ -58,9 +60,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libarchive | 3.5.3-5.el9_6 | [CVE-2025-1632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1632) | Low | | openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low | | openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low | -| libxml2 | 2.9.13-10.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low | | ncurses-base | 6.2-10.20210508.el9 | [CVE-2022-29458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458) | Low | | ncurses-libs | 6.2-10.20210508.el9 | [CVE-2022-29458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458) | Low | +| libxml2 | 2.9.13-10.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low | | glib2 | 2.68.4-16.el9 | [CVE-2025-3360](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3360) | Low | | pcre2 | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low | | pcre2-syntax | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low | diff --git a/docs/security/agent/grype-25.7.2.json b/docs/security/agent/grype-25.7.2.json index 2f82089..2ff5e39 100644 --- a/docs/security/agent/grype-25.7.2.json +++ b/docs/security/agent/grype-25.7.2.json @@ -2,101 +2,104 @@ "matches": [ { "vulnerability": { - "id": "CVE-2024-56433", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-56433", + "id": "CVE-2024-52533", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-52533", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", + "description": "A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "metrics": { - "baseScore": 3.6, - "exploitabilityScore": 1.1, - "impactScore": 2.6 + "baseScore": 7, + "exploitabilityScore": 2.3, + "impactScore": 4.8 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-56433", - "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "cve": "CVE-2024-52533", + "epss": 0.03174, + "percentile": 0.86532, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-56433", - "cwe": "CWE-1188", - "source": "cve@mitre.org", + "cve": "CVE-2024-52533", + "cwe": "CWE-120", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [ - "2:4.9-15.el9" + "0:2.68.4-16.el9_6.2" ], "state": "fixed", "available": [ { - "version": "2:4.9-15.el9", - "date": "2025-11-12", + "version": "0:2.68.4-16.el9_6.2", + "date": "2025-07-16", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:20559", - "link": "https://access.redhat.com/errata/RHSA-2025:20559" + "id": "RHSA-2025:11140", + "link": "https://access.redhat.com/errata/RHSA-2025:11140" } ], - "risk": 1.6744199999999998 + "risk": 1.9043999999999999 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-56433", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", + "id": "CVE-2024-52533", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-52533", "namespace": "nvd:cpe", - "severity": "Low", + "severity": "Critical", "urls": [ - "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", - "https://github.com/shadow-maint/shadow/issues/1157", - "https://github.com/shadow-maint/shadow/releases/tag/4.4" + "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", + "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", + "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", + "http://www.openwall.com/lists/oss-security/2024/11/12/11", + "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", + "https://security.netapp.com/advisory/ntap-20241206-0009/" ], - "description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", + "description": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "cvss": [ { - "source": "cve@mitre.org", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 3.6, - "exploitabilityScore": 1.1, - "impactScore": 2.6 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-56433", - "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "cve": "CVE-2024-52533", + "epss": 0.03174, + "percentile": 0.86532, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-56433", - "cwe": "CWE-1188", - "source": "cve@mitre.org", + "cve": "CVE-2024-52533", + "cwe": "CWE-120", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -112,24 +115,24 @@ "version": "9.6" }, "package": { - "name": "shadow-utils", - "version": "2:4.9-12.el9" + "name": "glib2", + "version": "0:2.68.4-16.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-56433", - "versionConstraint": "< 2:4.9-15.el9 (rpm)" + "vulnerabilityID": "CVE-2024-52533", + "versionConstraint": "< 0:2.68.4-16.el9_6.2 (rpm)" }, "fix": { - "suggestedVersion": "2:4.9-15.el9" + "suggestedVersion": "0:2.68.4-16.el9_6.2" } } ], "artifact": { - "id": "a13525dc6156c86d", - "name": "shadow-utils", - "version": "2:4.9-12.el9", + "id": "04574712e6ead30e", + "name": "glib2", + "version": "2.68.4-16.el9", "type": "rpm", "locations": [ { @@ -143,127 +146,118 @@ ], "language": "", "licenses": [ - "BSD and GPLv2+" + "LGPLv2+" ], "cpes": [ - "cpe:2.3:a:shadow-utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow-utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow_utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow_utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:shadow:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64&distro=rhel-9.6&epoch=2&upstream=shadow-utils-4.9-12.el9.src.rpm", + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 2, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-52533", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-52533", + "id": "CVE-2024-56433", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-56433", "namespace": "redhat:distro:redhat:9", - "severity": "Medium", + "severity": "Low", "urls": [], - "description": "A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior.", + "description": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "metrics": { - "baseScore": 7, - "exploitabilityScore": 2.3, - "impactScore": 4.8 + "baseScore": 3.6, + "exploitabilityScore": 1.1, + "impactScore": 2.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-52533", - "epss": 0.02743, - "percentile": 0.85518, - "date": "2025-12-22" + "cve": "CVE-2024-56433", + "epss": 0.05074, + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-52533", - "cwe": "CWE-120", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2024-56433", + "cwe": "CWE-1188", + "source": "cve@mitre.org", "type": "Secondary" } ], "fix": { "versions": [ - "0:2.68.4-16.el9_6.2" + "2:4.9-15.el9" ], "state": "fixed", "available": [ { - "version": "0:2.68.4-16.el9_6.2", - "date": "2025-07-16", + "version": "2:4.9-15.el9", + "date": "2025-11-12", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:11140", - "link": "https://access.redhat.com/errata/RHSA-2025:11140" + "id": "RHSA-2025:20559", + "link": "https://access.redhat.com/errata/RHSA-2025:20559" } ], - "risk": 1.6458 + "risk": 1.6744199999999998 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-52533", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-52533", + "id": "CVE-2024-56433", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "Low", "urls": [ - "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", - "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", - "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", - "http://www.openwall.com/lists/oss-security/2024/11/12/11", - "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", - "https://security.netapp.com/advisory/ntap-20241206-0009/" + "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", + "https://github.com/shadow-maint/shadow/issues/1157", + "https://github.com/shadow-maint/shadow/releases/tag/4.4" ], - "description": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", + "description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "source": "cve@mitre.org", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "metrics": { - "baseScore": 9.8, - "exploitabilityScore": 3.9, - "impactScore": 5.9 + "baseScore": 3.6, + "exploitabilityScore": 1.1, + "impactScore": 2.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-52533", - "epss": 0.02743, - "percentile": 0.85518, - "date": "2025-12-22" + "cve": "CVE-2024-56433", + "epss": 0.05074, + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-52533", - "cwe": "CWE-120", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2024-56433", + "cwe": "CWE-1188", + "source": "cve@mitre.org", "type": "Secondary" } ] @@ -279,24 +273,24 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9" + "name": "shadow-utils", + "version": "2:4.9-12.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-52533", - "versionConstraint": "< 0:2.68.4-16.el9_6.2 (rpm)" + "vulnerabilityID": "CVE-2024-56433", + "versionConstraint": "< 2:4.9-15.el9 (rpm)" }, "fix": { - "suggestedVersion": "0:2.68.4-16.el9_6.2" + "suggestedVersion": "2:4.9-15.el9" } } ], "artifact": { - "id": "04574712e6ead30e", - "name": "glib2", - "version": "2.68.4-16.el9", + "id": "a13525dc6156c86d", + "name": "shadow-utils", + "version": "2:4.9-12.el9", "type": "rpm", "locations": [ { @@ -310,17 +304,23 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD and GPLv2+" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:shadow-utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow-utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow_utils:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow_utils:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow:shadow-utils:2\\:4.9-12.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:shadow:shadow_utils:2\\:4.9-12.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", + "purl": "pkg:rpm/redhat/shadow-utils@4.9-12.el9?arch=x86_64&distro=rhel-9.6&epoch=2&upstream=shadow-utils-4.9-12.el9.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 2, "modularityLabel": "" } } @@ -350,8 +350,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -429,8 +429,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -510,20 +510,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -531,45 +531,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -580,16 +587,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -606,21 +613,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -634,105 +641,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -747,21 +771,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "6b7ebba723f3d1d6", + "name": "curl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -775,67 +799,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -843,62 +867,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -906,21 +940,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "b20b4850f0fa0e54", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -937,126 +971,120 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -1064,21 +1092,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "6b7ebba723f3d1d6", - "name": "curl-minimal", - "version": "7.76.1-31.el9", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1092,133 +1120,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1233,21 +1233,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "b20b4850f0fa0e54", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1261,28 +1261,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1313,7 +1313,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1384,7 +1384,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1487,7 +1487,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1558,7 +1558,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1660,8 +1660,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1705,8 +1705,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1800,8 +1800,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1845,8 +1845,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1940,8 +1940,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1988,8 +1988,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -2080,8 +2080,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2164,8 +2164,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2258,9 +2258,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2282,7 +2282,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2325,9 +2325,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2424,8 +2424,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2508,8 +2508,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2603,8 +2603,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2678,8 +2678,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2776,8 +2776,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2872,8 +2872,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2976,8 +2976,8 @@ { "cve": "CVE-2025-4373", "epss": 0.00119, - "percentile": 0.31637, - "date": "2025-12-22" + "percentile": 0.31574, + "date": "2025-12-29" } ], "cwes": [ @@ -3051,8 +3051,8 @@ { "cve": "CVE-2025-4373", "epss": 0.00119, - "percentile": 0.31637, - "date": "2025-12-22" + "percentile": 0.31574, + "date": "2025-12-29" } ], "cwes": [ @@ -3146,8 +3146,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -3218,8 +3218,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -3313,8 +3313,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3372,8 +3372,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3464,8 +3464,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3523,8 +3523,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3626,8 +3626,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3696,8 +3696,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3791,8 +3791,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3892,8 +3892,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3964,87 +3964,140 @@ }, { "vulnerability": { - "id": "CVE-2025-4207", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-4207", + "id": "CVE-2022-29458", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", "namespace": "redhat:distro:redhat:9", - "severity": "Medium", + "severity": "Low", "urls": [], - "description": "A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, + "baseScore": 6.1, + "exploitabilityScore": 1.9, + "impactScore": 4.3 + }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:6.2-10.20210508.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:6.2-10.20210508.el9_6.2", + "date": "2025-08-06", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.036515 + "advisories": [ + { + "id": "RHSA-2025:12876", + "link": "https://access.redhat.com/errata/RHSA-2025:12876" + } + ], + "risk": 0.03685499999999999 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-4207", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "id": "CVE-2022-29458", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-4207/", - "http://www.openwall.com/lists/oss-security/2025/05/09/3", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + "http://seclists.org/fulldisclosure/2022/Oct/28", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://support.apple.com/kb/HT213488" ], - "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "metrics": { + "baseScore": 5.8, + "exploitabilityScore": 8.6, + "impactScore": 5 + }, + "vendorMetadata": {} + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -4052,7 +4105,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4060,21 +4113,24 @@ "version": "9.6" }, "package": { - "name": "libpq", - "version": "0:13.20-1.el9_5" + "name": "ncurses", + "version": "6.2-10.20210508.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-4207", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2022-29458", + "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:6.2-10.20210508.el9_6.2" } } ], "artifact": { - "id": "9e9440b1f6d978f7", - "name": "libpq", - "version": "13.20-1.el9_5", + "id": "f866293dd48b75b0", + "name": "ncurses-base", + "version": "6.2-10.20210508.el9", "type": "rpm", "locations": [ { @@ -4088,14 +4144,25 @@ ], "language": "", "licenses": [ - "PostgreSQL" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + "cpe:2.3:a:ncurses-base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses-base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "upstreams": [ + { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + } ], - "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4105,20 +4172,228 @@ }, { "vulnerability": { - "id": "CVE-2025-12818", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-12818", + "id": "CVE-2022-29458", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "namespace": "redhat:distro:redhat:9", + "severity": "Low", + "urls": [], + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "metrics": { + "baseScore": 6.1, + "exploitabilityScore": 1.9, + "impactScore": 4.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:6.2-10.20210508.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:6.2-10.20210508.el9_6.2", + "date": "2025-08-06", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:12876", + "link": "https://access.redhat.com/errata/RHSA-2025:12876" + } + ], + "risk": 0.03685499999999999 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2022-29458", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "http://seclists.org/fulldisclosure/2022/Oct/28", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://support.apple.com/kb/HT213488" + ], + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "metrics": { + "baseScore": 5.8, + "exploitabilityScore": 8.6, + "impactScore": 5 + }, + "vendorMetadata": {} + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2022-29458", + "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + } + } + ], + "artifact": { + "id": "f3ef10418ec3cca6", + "name": "ncurses-libs", + "version": "6.2-10.20210508.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ae5872a20ea86e6a5ad9645ef9a8b10c3a72f912eda3ccbf7db35c7bfa34be38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "MIT" + ], + "cpes": [ + "cpe:2.3:a:ncurses-libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses-libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "upstreams": [ + { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-4207", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-4207", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.", + "description": "A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, + "baseScore": 5.9, + "exploitabilityScore": 2.3, "impactScore": 3.6 }, "vendorMetadata": {} @@ -4126,16 +4401,16 @@ ], "epss": [ { - "cve": "CVE-2025-12818", - "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-12818", - "cwe": "CWE-190", + "cve": "CVE-2025-4207", + "cwe": "CWE-126", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } @@ -4145,18 +4420,20 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.035625000000000004 + "risk": 0.036515 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-12818", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818", + "id": "CVE-2025-4207", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", "namespace": "nvd:cpe", "severity": "Medium", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-12818/" + "https://www.postgresql.org/support/security/CVE-2025-4207/", + "http://www.openwall.com/lists/oss-security/2025/05/09/3", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" ], - "description": "Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.", + "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", "cvss": [ { "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", @@ -4173,16 +4450,16 @@ ], "epss": [ { - "cve": "CVE-2025-12818", - "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-12818", - "cwe": "CWE-190", + "cve": "CVE-2025-4207", + "cwe": "CWE-126", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } @@ -4205,7 +4482,7 @@ "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-12818", + "vulnerabilityID": "CVE-2025-4207", "versionConstraint": "none (unknown)" } } @@ -4244,96 +4521,123 @@ }, { "vulnerability": { - "id": "CVE-2023-45322", - "dataSource": "https://access.redhat.com/security/cve/CVE-2023-45322", + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "High", "urls": [], - "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2023-45322", - "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2023-45322", - "cwe": "CWE-416", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.03382000000000001 + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2023-45322", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "http://www.openwall.com/lists/oss-security/2023/10/06/5", - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", - "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is \"I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail.\"", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2023-45322", - "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2023-45322", - "cwe": "CWE-416", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4341,21 +4645,24 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "sqlite", + "version": "3.34.1-7.el9_3" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2023-45322", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], - "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "artifact": { + "id": "45f6f999e295a17b", + "name": "sqlite-libs", + "version": "3.34.1-7.el9_3", "type": "rpm", "locations": [ { @@ -4369,14 +4676,25 @@ ], "language": "", "licenses": [ - "MIT" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-7.el9_3?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-7.el9_3.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-7.el9_3" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4386,140 +4704,85 @@ }, { "vulnerability": { - "id": "CVE-2022-29458", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "id": "CVE-2025-12818", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-12818", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.1, - "exploitabilityScore": 1.9, - "impactScore": 4.3 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-12818", + "epss": 0.00057, + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-12818", + "cwe": "CWE-190", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } ], "fix": { - "versions": [ - "0:6.2-10.20210508.el9_6.2" - ], - "state": "fixed", - "available": [ - { - "version": "0:6.2-10.20210508.el9_6.2", - "date": "2025-08-06", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:12876", - "link": "https://access.redhat.com/errata/RHSA-2025:12876" - } - ], - "risk": 0.03094 + "advisories": [], + "risk": 0.035625000000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-29458", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "id": "CVE-2025-12818", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "http://seclists.org/fulldisclosure/2022/Oct/28", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://support.apple.com/kb/HT213488" + "https://www.postgresql.org/support/security/CVE-2025-12818/" ], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.", "cvss": [ { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", - "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 - }, - "vendorMetadata": {} - }, - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", - "metrics": { - "baseScore": 5.8, - "exploitabilityScore": 8.6, - "impactScore": 5 - }, - "vendorMetadata": {} - }, - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-12818", + "epss": 0.00057, + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-12818", + "cwe": "CWE-190", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } ] @@ -4527,7 +4790,7 @@ ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4535,24 +4798,21 @@ "version": "9.6" }, "package": { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "libpq", + "version": "0:13.20-1.el9_5" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-29458", - "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" - }, - "fix": { - "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + "vulnerabilityID": "CVE-2025-12818", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "f866293dd48b75b0", - "name": "ncurses-base", - "version": "6.2-10.20210508.el9", + "id": "9e9440b1f6d978f7", + "name": "libpq", + "version": "13.20-1.el9_5", "type": "rpm", "locations": [ { @@ -4566,25 +4826,14 @@ ], "language": "", "licenses": [ - "MIT" + "PostgreSQL" ], "cpes": [ - "cpe:2.3:a:ncurses-base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses-base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", - "upstreams": [ - { - "name": "ncurses", - "version": "6.2-10.20210508.el9" - } + "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4594,148 +4843,96 @@ }, { "vulnerability": { - "id": "CVE-2022-29458", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "id": "CVE-2023-45322", + "dataSource": "https://access.redhat.com/security/cve/CVE-2023-45322", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.1, - "exploitabilityScore": 1.9, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2023-45322", + "epss": 0.00076, + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", + "cve": "CVE-2023-45322", + "cwe": "CWE-416", "source": "nvd@nist.gov", "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" } ], "fix": { - "versions": [ - "0:6.2-10.20210508.el9_6.2" - ], - "state": "fixed", - "available": [ - { - "version": "0:6.2-10.20210508.el9_6.2", - "date": "2025-08-06", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:12876", - "link": "https://access.redhat.com/errata/RHSA-2025:12876" - } - ], - "risk": 0.03094 + "advisories": [], + "risk": 0.03382000000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-29458", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "id": "CVE-2023-45322", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "http://seclists.org/fulldisclosure/2022/Oct/28", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://support.apple.com/kb/HT213488" - ], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", - "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 - }, - "vendorMetadata": {} - }, + "http://www.openwall.com/lists/oss-security/2023/10/06/5", + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", + "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html" + ], + "description": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is \"I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail.\"", + "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", - "metrics": { - "baseScore": 5.8, - "exploitabilityScore": 8.6, - "impactScore": 5 - }, - "vendorMetadata": {} - }, - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2023-45322", + "epss": 0.00076, + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", + "cve": "CVE-2023-45322", + "cwe": "CWE-416", "source": "nvd@nist.gov", "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4743,24 +4940,21 @@ "version": "9.6" }, "package": { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-29458", - "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" - }, - "fix": { - "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + "vulnerabilityID": "CVE-2023-45322", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "f3ef10418ec3cca6", - "name": "ncurses-libs", - "version": "6.2-10.20210508.el9", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -4777,22 +4971,11 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:ncurses-libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses-libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", - "upstreams": [ - { - "name": "ncurses", - "version": "6.2-10.20210508.el9" - } + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4825,8 +5008,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4874,8 +5057,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4943,59 +5126,79 @@ }, { "vulnerability": { - "id": "CVE-2022-41409", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-41409", + "id": "CVE-2025-32414", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-32414", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", + "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 + "baseScore": 5.6, + "exploitabilityScore": 1.5, + "impactScore": 3.8 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "cve": "CVE-2025-32414", + "epss": 0.00052, + "percentile": 0.16448, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", + "cve": "CVE-2025-32414", + "cwe": "CWE-393", + "source": "cve@mitre.org", + "type": "Secondary" + }, + { + "cve": "CVE-2025-32414", + "cwe": "CWE-252", "source": "nvd@nist.gov", "type": "Primary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:2.9.13-12.el9_6" + ], + "state": "fixed", + "available": [ + { + "version": "0:2.9.13-12.el9_6", + "date": "2025-08-08", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.025315 + "advisories": [ + { + "id": "RHSA-2025:13428", + "link": "https://access.redhat.com/errata/RHSA-2025:13428" + } + ], + "risk": 0.027559999999999998 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", + "id": "CVE-2025-32414", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", + "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html" ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", + "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", "cvss": [ { "source": "nvd@nist.gov", @@ -5008,20 +5211,38 @@ "impactScore": 3.6 }, "vendorMetadata": {} + }, + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "metrics": { + "baseScore": 5.6, + "exploitabilityScore": 1.5, + "impactScore": 3.8 + }, + "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "cve": "CVE-2025-32414", + "epss": 0.00052, + "percentile": 0.16448, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", + "cve": "CVE-2025-32414", + "cwe": "CWE-393", + "source": "cve@mitre.org", + "type": "Secondary" + }, + { + "cve": "CVE-2025-32414", + "cwe": "CWE-252", "source": "nvd@nist.gov", "type": "Primary" } @@ -5038,21 +5259,24 @@ "version": "9.6" }, "package": { - "name": "pcre2", - "version": "0:10.40-6.el9" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-32414", + "versionConstraint": "< 0:2.9.13-12.el9_6 (rpm)" + }, + "fix": { + "suggestedVersion": "0:2.9.13-12.el9_6" } } ], "artifact": { - "id": "d52857c4436af57f", - "name": "pcre2", - "version": "10.40-6.el9", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -5066,13 +5290,13 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:pcre2:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2:10.40-6.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5106,8 +5330,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -5154,8 +5378,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,7 +5394,7 @@ ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5179,7 +5403,7 @@ }, "package": { "name": "pcre2", - "version": "10.40-6.el9" + "version": "0:10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, @@ -5190,8 +5414,8 @@ } ], "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", + "id": "d52857c4436af57f", + "name": "pcre2", "version": "10.40-6.el9", "type": "rpm", "locations": [ @@ -5209,22 +5433,11 @@ "BSD" ], "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } + "cpe:2.3:a:redhat:pcre2:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2:10.40-6.el9:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5234,116 +5447,87 @@ }, { "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-41409", "namespace": "redhat:distro:redhat:9", - "severity": "High", + "severity": "Low", "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] - }, - "advisories": [ + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" + } + ], + "cwes": [ { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], - "risk": 0.02508 + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -5358,24 +5542,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-7.el9_3" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "45f6f999e295a17b", - "name": "sqlite-libs", - "version": "3.34.1-7.el9_3", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -5389,23 +5570,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-7.el9_3?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-7.el9_3.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-7.el9_3" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -5440,8 +5621,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -5483,8 +5664,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -5578,8 +5759,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -5621,8 +5802,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -5716,8 +5897,8 @@ { "cve": "CVE-2025-7425", "epss": 0.0003, - "percentile": 0.08096, - "date": "2025-12-22" + "percentile": 0.08206, + "date": "2025-12-29" } ], "cwes": [ @@ -5812,8 +5993,8 @@ { "cve": "CVE-2025-7425", "epss": 0.0003, - "percentile": 0.08096, - "date": "2025-12-22" + "percentile": 0.08206, + "date": "2025-12-29" } ], "cwes": [ @@ -5907,8 +6088,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -5955,8 +6136,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -6047,8 +6228,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6108,8 +6289,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6194,269 +6375,86 @@ "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-27943", - "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-27943", - "cwe": "CWE-674", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.02125 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-27943", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28995" - ], - "description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", - "metrics": { - "baseScore": 4.3, - "exploitabilityScore": 8.6, - "impactScore": 2.9 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-27943", - "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-27943", - "cwe": "CWE-674", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "gcc", - "version": "11.5.0-5.el9_5" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-27943", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "54d8bbcf6652ae80", - "name": "libstdc++", - "version": "11.5.0-5.el9_5", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:ae5872a20ea86e6a5ad9645ef9a8b10c3a72f912eda3ccbf7db35c7bfa34be38", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD" - ], - "cpes": [ - "cpe:2.3:a:libstdc\\+\\+:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm", - "upstreams": [ - { - "name": "gcc", - "version": "11.5.0-5.el9_5" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-32414", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-32414", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", - "metrics": { - "baseScore": 5.6, - "exploitabilityScore": 1.5, - "impactScore": 3.8 + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32414", - "epss": 0.0004, - "percentile": 0.12058, - "date": "2025-12-22" + "cve": "CVE-2022-27943", + "epss": 0.0005, + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32414", - "cwe": "CWE-393", - "source": "cve@mitre.org", - "type": "Secondary" - }, - { - "cve": "CVE-2025-32414", - "cwe": "CWE-252", + "cve": "CVE-2022-27943", + "cwe": "CWE-674", "source": "nvd@nist.gov", "type": "Primary" } ], "fix": { - "versions": [ - "0:2.9.13-12.el9_6" - ], - "state": "fixed", - "available": [ - { - "version": "0:2.9.13-12.el9_6", - "date": "2025-08-08", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:13428", - "link": "https://access.redhat.com/errata/RHSA-2025:13428" - } - ], - "risk": 0.021200000000000004 + "advisories": [], + "risk": 0.02125 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-32414", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", + "id": "CVE-2022-27943", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", - "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html" + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28995" ], - "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", + "description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} }, { - "source": "cve@mitre.org", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "metrics": { - "baseScore": 5.6, - "exploitabilityScore": 1.5, - "impactScore": 3.8 + "baseScore": 4.3, + "exploitabilityScore": 8.6, + "impactScore": 2.9 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32414", - "epss": 0.0004, - "percentile": 0.12058, - "date": "2025-12-22" + "cve": "CVE-2022-27943", + "epss": 0.0005, + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32414", - "cwe": "CWE-393", - "source": "cve@mitre.org", - "type": "Secondary" - }, - { - "cve": "CVE-2025-32414", - "cwe": "CWE-252", + "cve": "CVE-2022-27943", + "cwe": "CWE-674", "source": "nvd@nist.gov", "type": "Primary" } @@ -6465,7 +6463,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6473,24 +6471,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "gcc", + "version": "11.5.0-5.el9_5" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-32414", - "versionConstraint": "< 0:2.9.13-12.el9_6 (rpm)" - }, - "fix": { - "suggestedVersion": "0:2.9.13-12.el9_6" + "vulnerabilityID": "CVE-2022-27943", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "54d8bbcf6652ae80", + "name": "libstdc++", + "version": "11.5.0-5.el9_5", "type": "rpm", "locations": [ { @@ -6504,14 +6499,19 @@ ], "language": "", "licenses": [ - "MIT" + "GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libstdc\\+\\+:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm", + "upstreams": [ + { + "name": "gcc", + "version": "11.5.0-5.el9_5" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6543,9 +6543,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -6575,7 +6575,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -6618,9 +6618,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -6728,8 +6728,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -6820,8 +6820,8 @@ { "cve": "CVE-2025-32415", "epss": 0.00024, - "percentile": 0.05927, - "date": "2025-12-22" + "percentile": 0.0597, + "date": "2025-12-29" } ], "cwes": [ @@ -6900,8 +6900,8 @@ { "cve": "CVE-2025-32415", "epss": 0.00024, - "percentile": 0.05927, - "date": "2025-12-22" + "percentile": 0.0597, + "date": "2025-12-29" } ], "cwes": [ @@ -7001,8 +7001,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -7067,8 +7067,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -7165,8 +7165,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7241,8 +7241,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7342,8 +7342,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7418,8 +7418,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7530,8 +7530,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -7604,8 +7604,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -7699,8 +7699,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -7741,8 +7741,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -7812,183 +7812,32 @@ } }, { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "b20b4850f0fa0e54", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:ae5872a20ea86e6a5ad9645ef9a8b10c3a72f912eda3ccbf7db35c7bfa34be38", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "vulnerability": { + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -7996,28 +7845,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -8025,31 +7876,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -8057,21 +7894,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-5.el9_6" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "026da1974d66f84e", - "name": "libarchive", - "version": "3.5.3-5.el9_6", + "id": "b20b4850f0fa0e54", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -8085,14 +7922,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -8127,9 +7975,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -8145,7 +7993,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -8219,9 +8067,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -8237,7 +8085,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -8269,16 +8117,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "04574712e6ead30e", + "name": "glib2", + "version": "2.68.4-16.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ae5872a20ea86e6a5ad9645ef9a8b10c3a72f912eda3ccbf7db35c7bfa34be38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -8294,21 +8294,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9" + "name": "libarchive", + "version": "0:3.5.3-5.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "04574712e6ead30e", - "name": "glib2", - "version": "2.68.4-16.el9", + "id": "026da1974d66f84e", + "name": "libarchive", + "version": "3.5.3-5.el9_6", "type": "rpm", "locations": [ { @@ -8322,13 +8322,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -8362,8 +8362,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8404,8 +8404,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8499,8 +8499,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8541,8 +8541,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8611,6 +8611,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ae5872a20ea86e6a5ad9645ef9a8b10c3a72f912eda3ccbf7db35c7bfa34be38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -8636,8 +8781,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -8698,8 +8843,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -8790,8 +8935,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8843,8 +8988,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8935,8 +9080,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8988,8 +9133,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -9091,8 +9236,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -9145,8 +9290,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -9248,8 +9393,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -9314,8 +9459,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -9412,8 +9557,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -9474,8 +9619,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -9566,8 +9711,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9627,8 +9772,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9722,8 +9867,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9783,8 +9928,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9889,8 +10034,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9950,8 +10095,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -10060,8 +10205,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -10121,8 +10266,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -10231,8 +10376,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10279,8 +10424,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10376,8 +10521,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10424,8 +10569,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10521,8 +10666,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10569,8 +10714,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10666,8 +10811,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10714,8 +10859,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10811,8 +10956,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -10872,8 +11017,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -10964,8 +11109,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -11032,8 +11177,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -11141,8 +11286,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -11203,8 +11348,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -11295,8 +11440,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -11365,8 +11510,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -11463,8 +11608,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -11525,8 +11670,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -11592,6 +11737,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:ae5872a20ea86e6a5ad9645ef9a8b10c3a72f912eda3ccbf7db35c7bfa34be38", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -11617,8 +11902,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -11678,8 +11963,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -12098,87 +12383,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.7.2.md b/docs/security/agent/grype-25.7.2.md index f3abfce..b92157d 100644 --- a/docs/security/agent/grype-25.7.2.md +++ b/docs/security/agent/grype-25.7.2.md @@ -8,6 +8,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libarchive | 3.5.3-5.el9_6 | [CVE-2025-5914](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5914) | High | | sqlite-libs | 3.34.1-7.el9_3 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-7425](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7425) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9 | [CVE-2024-52533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533) | Medium | | glib2 | 2.68.4-16.el9 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | @@ -17,8 +18,8 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | gnutls | 3.8.3-6.el9 | [CVE-2025-32989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989) | Medium | | libpq | 13.20-1.el9_5 | [CVE-2025-4207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207) | Medium | | libpq | 13.20-1.el9_5 | [CVE-2025-12818](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818) | Medium | -| glib2 | 2.68.4-16.el9 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-32414](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414) | Medium | +| glib2 | 2.68.4-16.el9 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.1 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | | fluent-bit | 25.7.2 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-32415](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415) | Medium | @@ -27,9 +28,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.7.2 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -42,13 +43,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-10.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | @@ -58,9 +60,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libarchive | 3.5.3-5.el9_6 | [CVE-2025-1632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1632) | Low | | openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low | | openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low | -| libxml2 | 2.9.13-10.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low | | ncurses-base | 6.2-10.20210508.el9 | [CVE-2022-29458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458) | Low | | ncurses-libs | 6.2-10.20210508.el9 | [CVE-2022-29458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458) | Low | +| libxml2 | 2.9.13-10.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low | | glib2 | 2.68.4-16.el9 | [CVE-2025-3360](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3360) | Low | | pcre2 | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low | | pcre2-syntax | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low | diff --git a/docs/security/agent/grype-25.7.4.json b/docs/security/agent/grype-25.7.4.json index d5c0222..7b5466d 100644 --- a/docs/security/agent/grype-25.7.4.json +++ b/docs/security/agent/grype-25.7.4.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "6b7ebba723f3d1d6", + "name": "curl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, + "baseScore": 6.5, + "exploitabilityScore": 2.9, "impactScore": 3.6 }, "vendorMetadata": {} - } - ], - "epss": [ + }, { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "b20b4850f0fa0e54", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "6b7ebba723f3d1d6", - "name": "curl-minimal", - "version": "7.76.1-31.el9", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "b20b4850f0fa0e54", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1919,8 +1919,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2003,8 +2003,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2097,9 +2097,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2121,7 +2121,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2164,9 +2164,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2263,8 +2263,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2442,8 +2442,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2517,8 +2517,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2615,8 +2615,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2711,8 +2711,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2815,8 +2815,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2887,8 +2887,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2982,8 +2982,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3041,8 +3041,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3133,8 +3133,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3192,8 +3192,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3295,8 +3295,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3365,8 +3365,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3460,8 +3460,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3561,8 +3561,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3633,87 +3633,140 @@ }, { "vulnerability": { - "id": "CVE-2025-4207", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-4207", + "id": "CVE-2022-29458", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", "namespace": "redhat:distro:redhat:9", - "severity": "Medium", + "severity": "Low", "urls": [], - "description": "A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 6.1, + "exploitabilityScore": 1.9, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:6.2-10.20210508.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:6.2-10.20210508.el9_6.2", + "date": "2025-08-06", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.036515 + "advisories": [ + { + "id": "RHSA-2025:12876", + "link": "https://access.redhat.com/errata/RHSA-2025:12876" + } + ], + "risk": 0.03685499999999999 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-4207", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "id": "CVE-2022-29458", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-4207/", - "http://www.openwall.com/lists/oss-security/2025/05/09/3", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + "http://seclists.org/fulldisclosure/2022/Oct/28", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://support.apple.com/kb/HT213488" ], - "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "metrics": { + "baseScore": 5.8, + "exploitabilityScore": 8.6, + "impactScore": 5 + }, + "vendorMetadata": {} + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -3721,7 +3774,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3729,21 +3782,24 @@ "version": "9.6" }, "package": { - "name": "libpq", - "version": "0:13.20-1.el9_5" + "name": "ncurses", + "version": "6.2-10.20210508.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-4207", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2022-29458", + "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:6.2-10.20210508.el9_6.2" } } ], "artifact": { - "id": "9e9440b1f6d978f7", - "name": "libpq", - "version": "13.20-1.el9_5", + "id": "f866293dd48b75b0", + "name": "ncurses-base", + "version": "6.2-10.20210508.el9", "type": "rpm", "locations": [ { @@ -3757,14 +3813,25 @@ ], "language": "", "licenses": [ - "PostgreSQL" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + "cpe:2.3:a:ncurses-base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses-base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "upstreams": [ + { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + } ], - "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3774,85 +3841,140 @@ }, { "vulnerability": { - "id": "CVE-2025-12818", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-12818", + "id": "CVE-2022-29458", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", "namespace": "redhat:distro:redhat:9", - "severity": "Medium", + "severity": "Low", "urls": [], - "description": "A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.", + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.1, + "exploitabilityScore": 1.9, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-12818", - "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-12818", - "cwe": "CWE-190", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:6.2-10.20210508.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:6.2-10.20210508.el9_6.2", + "date": "2025-08-06", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.035625000000000004 + "advisories": [ + { + "id": "RHSA-2025:12876", + "link": "https://access.redhat.com/errata/RHSA-2025:12876" + } + ], + "risk": 0.03685499999999999 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-12818", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818", + "id": "CVE-2022-29458", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-12818/" - ], - "description": "Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.", - "cvss": [ - { - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "http://seclists.org/fulldisclosure/2022/Oct/28", + "http://seclists.org/fulldisclosure/2022/Oct/41", + "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", + "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", + "https://support.apple.com/kb/HT213488" + ], + "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "metrics": { + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "metrics": { + "baseScore": 5.8, + "exploitabilityScore": 8.6, + "impactScore": 5 + }, + "vendorMetadata": {} + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 7.1, + "exploitabilityScore": 1.9, + "impactScore": 5.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-12818", - "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "cve": "CVE-2022-29458", + "epss": 0.00081, + "percentile": 0.24183, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-12818", - "cwe": "CWE-190", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" + }, + { + "cve": "CVE-2022-29458", + "cwe": "CWE-125", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -3860,7 +3982,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3868,21 +3990,24 @@ "version": "9.6" }, "package": { - "name": "libpq", - "version": "0:13.20-1.el9_5" + "name": "ncurses", + "version": "6.2-10.20210508.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-12818", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2022-29458", + "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:6.2-10.20210508.el9_6.2" } } ], "artifact": { - "id": "9e9440b1f6d978f7", - "name": "libpq", - "version": "13.20-1.el9_5", + "id": "f3ef10418ec3cca6", + "name": "ncurses-libs", + "version": "6.2-10.20210508.el9", "type": "rpm", "locations": [ { @@ -3896,14 +4021,25 @@ ], "language": "", "licenses": [ - "PostgreSQL" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + "cpe:2.3:a:ncurses-libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses-libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses_libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:ncurses:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "upstreams": [ + { + "name": "ncurses", + "version": "6.2-10.20210508.el9" + } ], - "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3913,12 +4049,12 @@ }, { "vulnerability": { - "id": "CVE-2023-45322", - "dataSource": "https://access.redhat.com/security/cve/CVE-2023-45322", + "id": "CVE-2025-4207", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-4207", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", + "description": "A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination.", "cvss": [ { "type": "Secondary", @@ -3934,18 +4070,18 @@ ], "epss": [ { - "cve": "CVE-2023-45322", - "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2023-45322", - "cwe": "CWE-416", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2025-4207", + "cwe": "CWE-126", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" } ], "fix": { @@ -3953,30 +4089,29 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.03382000000000001 + "risk": 0.036515 }, "relatedVulnerabilities": [ { - "id": "CVE-2023-45322", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", + "id": "CVE-2025-4207", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", "namespace": "nvd:cpe", "severity": "Medium", "urls": [ - "http://www.openwall.com/lists/oss-security/2023/10/06/5", - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", - "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html" + "https://www.postgresql.org/support/security/CVE-2025-4207/", + "http://www.openwall.com/lists/oss-security/2025/05/09/3", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" ], - "description": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is \"I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail.\"", + "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", "cvss": [ { - "source": "nvd@nist.gov", - "type": "Primary", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, + "baseScore": 5.9, + "exploitabilityScore": 2.3, "impactScore": 3.6 }, "vendorMetadata": {} @@ -3984,18 +4119,18 @@ ], "epss": [ { - "cve": "CVE-2023-45322", - "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2023-45322", - "cwe": "CWE-416", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2025-4207", + "cwe": "CWE-126", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" } ] } @@ -4010,21 +4145,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "libpq", + "version": "0:13.20-1.el9_5" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2023-45322", + "vulnerabilityID": "CVE-2025-4207", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "9e9440b1f6d978f7", + "name": "libpq", + "version": "13.20-1.el9_5", "type": "rpm", "locations": [ { @@ -4038,13 +4173,13 @@ ], "language": "", "licenses": [ - "MIT" + "PostgreSQL" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4055,140 +4190,115 @@ }, { "vulnerability": { - "id": "CVE-2022-29458", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "High", "urls": [], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "metrics": { - "baseScore": 6.1, - "exploitabilityScore": 1.9, - "impactScore": 4.3 + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ], "fix": { "versions": [ - "0:6.2-10.20210508.el9_6.2" + "0:3.34.1-9.el9_7" ], "state": "fixed", "available": [ { - "version": "0:6.2-10.20210508.el9_6.2", - "date": "2025-08-06", + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:12876", - "link": "https://access.redhat.com/errata/RHSA-2025:12876" + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" } ], - "risk": 0.03094 + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-29458", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Critical", "urls": [ - "http://seclists.org/fulldisclosure/2022/Oct/28", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://support.apple.com/kb/HT213488" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 }, "vendorMetadata": {} }, { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", "metrics": { - "baseScore": 5.8, - "exploitabilityScore": 8.6, - "impactScore": 5 - }, - "vendorMetadata": {} - }, - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", - "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -4204,24 +4314,24 @@ "version": "9.6" }, "package": { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "sqlite", + "version": "3.34.1-7.el9_3" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-29458", - "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" }, "fix": { - "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "f866293dd48b75b0", - "name": "ncurses-base", - "version": "6.2-10.20210508.el9", + "id": "45f6f999e295a17b", + "name": "sqlite-libs", + "version": "3.34.1-7.el9_3", "type": "rpm", "locations": [ { @@ -4235,23 +4345,23 @@ ], "language": "", "licenses": [ - "MIT" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:ncurses-base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses-base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_base:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_base:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses-base:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses_base:6.2-10.20210508.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/ncurses-base@6.2-10.20210508.el9?arch=noarch&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-7.el9_3?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-7.el9_3.src.rpm", "upstreams": [ { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "sqlite", + "version": "3.34.1-7.el9_3" } ], "metadataType": "RpmMetadata", @@ -4263,148 +4373,235 @@ }, { "vulnerability": { - "id": "CVE-2022-29458", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-29458", + "id": "CVE-2025-12818", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-12818", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.1, - "exploitabilityScore": 1.9, - "impactScore": 4.3 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2025-12818", + "epss": 0.00057, + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "cve": "CVE-2025-12818", + "cwe": "CWE-190", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary" } ], "fix": { - "versions": [ - "0:6.2-10.20210508.el9_6.2" - ], - "state": "fixed", - "available": [ - { - "version": "0:6.2-10.20210508.el9_6.2", - "date": "2025-08-06", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:12876", - "link": "https://access.redhat.com/errata/RHSA-2025:12876" - } - ], - "risk": 0.03094 + "advisories": [], + "risk": 0.035625000000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-29458", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", + "id": "CVE-2025-12818", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12818", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "http://seclists.org/fulldisclosure/2022/Oct/28", - "http://seclists.org/fulldisclosure/2022/Oct/41", - "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", - "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", - "https://support.apple.com/kb/HT213488" + "https://www.postgresql.org/support/security/CVE-2025-12818/" ], - "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", + "description": "Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.", "cvss": [ { - "source": "nvd@nist.gov", - "type": "Primary", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-12818", + "epss": 0.00057, + "percentile": 0.18044, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-12818", + "cwe": "CWE-190", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "libpq", + "version": "0:13.20-1.el9_5" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-12818", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "9e9440b1f6d978f7", + "name": "libpq", + "version": "13.20-1.el9_5", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7365a3a0db69d7f481720be6d2cc54794d0f7e1c94fbfe59d74c106a561a7537", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "PostgreSQL" + ], + "cpes": [ + "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2023-45322", + "dataSource": "https://access.redhat.com/security/cve/CVE-2023-45322", + "namespace": "redhat:distro:redhat:9", + "severity": "Low", + "urls": [], + "description": "A flaw was found in libxml2. In an out-of-memory condition or when limiting the memory allocation, processing a XML document using the HTML parser may result in a use-after-free vulnerability.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2023-45322", + "epss": 0.00076, + "percentile": 0.23143, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2023-45322", + "cwe": "CWE-416", + "source": "nvd@nist.gov", + "type": "Primary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.03382000000000001 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2023-45322", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "http://www.openwall.com/lists/oss-security/2023/10/06/5", + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", + "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html" + ], + "description": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is \"I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail.\"", + "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", - "metrics": { - "baseScore": 5.8, - "exploitabilityScore": 8.6, - "impactScore": 5 - }, - "vendorMetadata": {} - }, - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.1, - "exploitabilityScore": 1.9, - "impactScore": 5.2 + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-29458", - "epss": 0.00068, - "percentile": 0.21084, - "date": "2025-12-22" + "cve": "CVE-2023-45322", + "epss": 0.00076, + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", + "cve": "CVE-2023-45322", + "cwe": "CWE-416", "source": "nvd@nist.gov", "type": "Primary" - }, - { - "cve": "CVE-2022-29458", - "cwe": "CWE-125", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4412,24 +4609,21 @@ "version": "9.6" }, "package": { - "name": "ncurses", - "version": "6.2-10.20210508.el9" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-29458", - "versionConstraint": "< 0:6.2-10.20210508.el9_6.2 (rpm)" - }, - "fix": { - "suggestedVersion": "0:6.2-10.20210508.el9_6.2" + "vulnerabilityID": "CVE-2023-45322", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "f3ef10418ec3cca6", - "name": "ncurses-libs", - "version": "6.2-10.20210508.el9", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -4446,22 +4640,11 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:ncurses-libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses-libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_libs:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses_libs:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:ncurses:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses-libs:6.2-10.20210508.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:ncurses_libs:6.2-10.20210508.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/ncurses-libs@6.2-10.20210508.el9?arch=x86_64&distro=rhel-9.6&upstream=ncurses-6.2-10.20210508.el9.src.rpm", - "upstreams": [ - { - "name": "ncurses", - "version": "6.2-10.20210508.el9" - } + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4494,8 +4677,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4543,8 +4726,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4612,59 +4795,79 @@ }, { "vulnerability": { - "id": "CVE-2022-41409", - "dataSource": "https://access.redhat.com/security/cve/CVE-2022-41409", + "id": "CVE-2025-32414", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-32414", "namespace": "redhat:distro:redhat:9", - "severity": "Low", + "severity": "Medium", "urls": [], - "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", + "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 + "baseScore": 5.6, + "exploitabilityScore": 1.5, + "impactScore": 3.8 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "cve": "CVE-2025-32414", + "epss": 0.00052, + "percentile": 0.16448, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", + "cve": "CVE-2025-32414", + "cwe": "CWE-393", + "source": "cve@mitre.org", + "type": "Secondary" + }, + { + "cve": "CVE-2025-32414", + "cwe": "CWE-252", "source": "nvd@nist.gov", "type": "Primary" } ], "fix": { - "versions": [], - "state": "not-fixed" + "versions": [ + "0:2.9.13-12.el9_6" + ], + "state": "fixed", + "available": [ + { + "version": "0:2.9.13-12.el9_6", + "date": "2025-08-08", + "kind": "first-observed" + } + ] }, - "advisories": [], - "risk": 0.025315 + "advisories": [ + { + "id": "RHSA-2025:13428", + "link": "https://access.redhat.com/errata/RHSA-2025:13428" + } + ], + "risk": 0.027559999999999998 }, "relatedVulnerabilities": [ { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", + "id": "CVE-2025-32414", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", + "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html" ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", + "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", "cvss": [ { "source": "nvd@nist.gov", @@ -4677,20 +4880,38 @@ "impactScore": 3.6 }, "vendorMetadata": {} + }, + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "metrics": { + "baseScore": 5.6, + "exploitabilityScore": 1.5, + "impactScore": 3.8 + }, + "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "cve": "CVE-2025-32414", + "epss": 0.00052, + "percentile": 0.16448, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", + "cve": "CVE-2025-32414", + "cwe": "CWE-393", + "source": "cve@mitre.org", + "type": "Secondary" + }, + { + "cve": "CVE-2025-32414", + "cwe": "CWE-252", "source": "nvd@nist.gov", "type": "Primary" } @@ -4707,21 +4928,24 @@ "version": "9.6" }, "package": { - "name": "pcre2", - "version": "0:10.40-6.el9" + "name": "libxml2", + "version": "0:2.9.13-10.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-32414", + "versionConstraint": "< 0:2.9.13-12.el9_6 (rpm)" + }, + "fix": { + "suggestedVersion": "0:2.9.13-12.el9_6" } } ], "artifact": { - "id": "d52857c4436af57f", - "name": "pcre2", - "version": "10.40-6.el9", + "id": "cad7c140298c7fa1", + "name": "libxml2", + "version": "2.9.13-10.el9_6", "type": "rpm", "locations": [ { @@ -4735,13 +4959,13 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:redhat:pcre2:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2:10.40-6.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -4775,8 +4999,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -4823,8 +5047,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -4839,7 +5063,7 @@ ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -4848,7 +5072,7 @@ }, "package": { "name": "pcre2", - "version": "10.40-6.el9" + "version": "0:10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, @@ -4859,8 +5083,8 @@ } ], "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", + "id": "d52857c4436af57f", + "name": "pcre2", "version": "10.40-6.el9", "type": "rpm", "locations": [ @@ -4878,22 +5102,11 @@ "BSD" ], "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } + "cpe:2.3:a:redhat:pcre2:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2:10.40-6.el9:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/pcre2@10.40-6.el9?arch=x86_64&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -4903,116 +5116,87 @@ }, { "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://access.redhat.com/security/cve/CVE-2022-41409", "namespace": "redhat:distro:redhat:9", - "severity": "High", + "severity": "Low", "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "description": "A flaw was found in PCRE2, where it is susceptible to an integer overflow vulnerability triggered by a negative repeat value in the pcre2test subject line that causes infinite looping. This flaw allows a remote attacker to pass specially crafted data to the application, initiating an integer overflow and executing a denial of service (DoS) attack.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] - }, - "advisories": [ + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" + } + ], + "cwes": [ { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], - "risk": 0.02508 + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -5027,24 +5211,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-7.el9_3" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "45f6f999e295a17b", - "name": "sqlite-libs", - "version": "3.34.1-7.el9_3", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -5058,23 +5239,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-7.el9_3:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-7.el9_3:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-7.el9_3?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-7.el9_3.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-7.el9_3" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -5109,8 +5290,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -5152,8 +5333,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -5247,8 +5428,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -5290,8 +5471,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -5385,8 +5566,8 @@ { "cve": "CVE-2025-7425", "epss": 0.0003, - "percentile": 0.08096, - "date": "2025-12-22" + "percentile": 0.08206, + "date": "2025-12-29" } ], "cwes": [ @@ -5481,8 +5662,8 @@ { "cve": "CVE-2025-7425", "epss": 0.0003, - "percentile": 0.08096, - "date": "2025-12-22" + "percentile": 0.08206, + "date": "2025-12-29" } ], "cwes": [ @@ -5576,8 +5757,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -5624,8 +5805,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -5716,8 +5897,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5777,8 +5958,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5863,269 +6044,86 @@ "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-27943", - "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-27943", - "cwe": "CWE-674", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.02125 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-27943", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", - "https://sourceware.org/bugzilla/show_bug.cgi?id=28995" - ], - "description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", - "metrics": { - "baseScore": 4.3, - "exploitabilityScore": 8.6, - "impactScore": 2.9 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-27943", - "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-27943", - "cwe": "CWE-674", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "gcc", - "version": "11.5.0-5.el9_5" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-27943", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "54d8bbcf6652ae80", - "name": "libstdc++", - "version": "11.5.0-5.el9_5", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:7365a3a0db69d7f481720be6d2cc54794d0f7e1c94fbfe59d74c106a561a7537", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD" - ], - "cpes": [ - "cpe:2.3:a:libstdc\\+\\+:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm", - "upstreams": [ - { - "name": "gcc", - "version": "11.5.0-5.el9_5" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-32414", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-32414", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", - "metrics": { - "baseScore": 5.6, - "exploitabilityScore": 1.5, - "impactScore": 3.8 + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32414", - "epss": 0.0004, - "percentile": 0.12058, - "date": "2025-12-22" + "cve": "CVE-2022-27943", + "epss": 0.0005, + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32414", - "cwe": "CWE-393", - "source": "cve@mitre.org", - "type": "Secondary" - }, - { - "cve": "CVE-2025-32414", - "cwe": "CWE-252", + "cve": "CVE-2022-27943", + "cwe": "CWE-674", "source": "nvd@nist.gov", "type": "Primary" } ], "fix": { - "versions": [ - "0:2.9.13-12.el9_6" - ], - "state": "fixed", - "available": [ - { - "version": "0:2.9.13-12.el9_6", - "date": "2025-08-08", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:13428", - "link": "https://access.redhat.com/errata/RHSA-2025:13428" - } - ], - "risk": 0.021200000000000004 + "advisories": [], + "risk": 0.02125 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-32414", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", + "id": "CVE-2022-27943", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", - "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html" + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=28995" ], - "description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", + "description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} }, { - "source": "cve@mitre.org", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "metrics": { - "baseScore": 5.6, - "exploitabilityScore": 1.5, - "impactScore": 3.8 + "baseScore": 4.3, + "exploitabilityScore": 8.6, + "impactScore": 2.9 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32414", - "epss": 0.0004, - "percentile": 0.12058, - "date": "2025-12-22" + "cve": "CVE-2022-27943", + "epss": 0.0005, + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32414", - "cwe": "CWE-393", - "source": "cve@mitre.org", - "type": "Secondary" - }, - { - "cve": "CVE-2025-32414", - "cwe": "CWE-252", + "cve": "CVE-2022-27943", + "cwe": "CWE-674", "source": "nvd@nist.gov", "type": "Primary" } @@ -6134,7 +6132,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6142,24 +6140,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-10.el9_6" + "name": "gcc", + "version": "11.5.0-5.el9_5" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-32414", - "versionConstraint": "< 0:2.9.13-12.el9_6 (rpm)" - }, - "fix": { - "suggestedVersion": "0:2.9.13-12.el9_6" + "vulnerabilityID": "CVE-2022-27943", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "cad7c140298c7fa1", - "name": "libxml2", - "version": "2.9.13-10.el9_6", + "id": "54d8bbcf6652ae80", + "name": "libstdc++", + "version": "11.5.0-5.el9_5", "type": "rpm", "locations": [ { @@ -6173,14 +6168,19 @@ ], "language": "", "licenses": [ - "MIT" + "GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-10.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libstdc\\+\\+:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libstdc\\+\\+:11.5.0-5.el9_5:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libstdc%2B%2B@11.5.0-5.el9_5?arch=x86_64&distro=rhel-9.6&upstream=gcc-11.5.0-5.el9_5.src.rpm", + "upstreams": [ + { + "name": "gcc", + "version": "11.5.0-5.el9_5" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-10.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6212,9 +6212,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -6244,7 +6244,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -6287,9 +6287,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -6397,8 +6397,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -6489,8 +6489,8 @@ { "cve": "CVE-2025-32415", "epss": 0.00024, - "percentile": 0.05927, - "date": "2025-12-22" + "percentile": 0.0597, + "date": "2025-12-29" } ], "cwes": [ @@ -6569,8 +6569,8 @@ { "cve": "CVE-2025-32415", "epss": 0.00024, - "percentile": 0.05927, - "date": "2025-12-22" + "percentile": 0.0597, + "date": "2025-12-29" } ], "cwes": [ @@ -6670,8 +6670,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -6736,8 +6736,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -6834,8 +6834,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -6910,8 +6910,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7011,8 +7011,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7087,8 +7087,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -7199,8 +7199,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -7273,8 +7273,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -7368,8 +7368,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -7410,8 +7410,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -7481,183 +7481,32 @@ } }, { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "b20b4850f0fa0e54", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:7365a3a0db69d7f481720be6d2cc54794d0f7e1c94fbfe59d74c106a561a7537", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "vulnerability": { + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -7665,28 +7514,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -7694,31 +7545,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -7726,21 +7563,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-5.el9_6" + "name": "curl", + "version": "7.76.1-31.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "026da1974d66f84e", - "name": "libarchive", - "version": "3.5.3-5.el9_6", + "id": "b20b4850f0fa0e54", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9", "type": "rpm", "locations": [ { @@ -7754,14 +7591,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -7796,9 +7644,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -7814,7 +7662,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -7888,9 +7736,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -7906,7 +7754,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -7938,16 +7786,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7365a3a0db69d7f481720be6d2cc54794d0f7e1c94fbfe59d74c106a561a7537", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -7963,21 +7963,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-5.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "026da1974d66f84e", + "name": "libarchive", + "version": "3.5.3-5.el9_6", "type": "rpm", "locations": [ { @@ -7991,13 +7991,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -8031,8 +8031,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8073,8 +8073,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8168,8 +8168,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8210,8 +8210,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8280,6 +8280,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7365a3a0db69d7f481720be6d2cc54794d0f7e1c94fbfe59d74c106a561a7537", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -8305,8 +8450,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -8367,8 +8512,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -8459,8 +8604,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8512,8 +8657,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8604,8 +8749,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8657,8 +8802,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -8760,8 +8905,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -8814,8 +8959,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -8917,8 +9062,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -8983,8 +9128,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -9081,8 +9226,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -9143,8 +9288,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -9235,8 +9380,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9296,8 +9441,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9391,8 +9536,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9452,8 +9597,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9558,8 +9703,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9619,8 +9764,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9729,8 +9874,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9790,8 +9935,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -9900,8 +10045,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -9948,8 +10093,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10045,8 +10190,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10093,8 +10238,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10190,8 +10335,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10238,8 +10383,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10335,8 +10480,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10383,8 +10528,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -10480,8 +10625,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -10541,8 +10686,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -10633,8 +10778,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -10701,8 +10846,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -10810,8 +10955,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -10872,8 +11017,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -10964,8 +11109,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -11034,8 +11179,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -11132,8 +11277,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -11194,8 +11339,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -11261,6 +11406,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:7365a3a0db69d7f481720be6d2cc54794d0f7e1c94fbfe59d74c106a561a7537", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -11286,8 +11571,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -11347,8 +11632,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -11767,87 +12052,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.7.4.md b/docs/security/agent/grype-25.7.4.md index 61f7340..4e3b34f 100644 --- a/docs/security/agent/grype-25.7.4.md +++ b/docs/security/agent/grype-25.7.4.md @@ -8,6 +8,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libarchive | 3.5.3-5.el9_6 | [CVE-2025-5914](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5914) | High | | sqlite-libs | 3.34.1-7.el9_3 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-7425](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7425) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988) | Medium | @@ -15,8 +16,8 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | gnutls | 3.8.3-6.el9 | [CVE-2025-32989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989) | Medium | | libpq | 13.20-1.el9_5 | [CVE-2025-4207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207) | Medium | | libpq | 13.20-1.el9_5 | [CVE-2025-12818](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818) | Medium | -| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-32414](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414) | Medium | +| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.1 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | | fluent-bit | 25.7.4 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium | | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-32415](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415) | Medium | @@ -25,9 +26,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-10.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.7.4 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -40,13 +41,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-10.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | @@ -56,9 +58,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libarchive | 3.5.3-5.el9_6 | [CVE-2025-1632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1632) | Low | | openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low | | openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low | -| libxml2 | 2.9.13-10.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low | | ncurses-base | 6.2-10.20210508.el9 | [CVE-2022-29458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458) | Low | | ncurses-libs | 6.2-10.20210508.el9 | [CVE-2022-29458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458) | Low | +| libxml2 | 2.9.13-10.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-3360](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3360) | Low | | pcre2 | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low | | pcre2-syntax | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low | diff --git a/docs/security/agent/grype-25.8.2.json b/docs/security/agent/grype-25.8.2.json index 9b35e85..4c71b7e 100644 --- a/docs/security/agent/grype-25.8.2.json +++ b/docs/security/agent/grype-25.8.2.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1919,8 +1919,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2003,8 +2003,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2097,9 +2097,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2121,7 +2121,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2164,9 +2164,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2263,8 +2263,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2442,8 +2442,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2517,8 +2517,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2615,8 +2615,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2711,8 +2711,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2815,8 +2815,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2887,8 +2887,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2982,8 +2982,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3041,8 +3041,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3133,8 +3133,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3192,8 +3192,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3295,8 +3295,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3365,8 +3365,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3460,8 +3460,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3561,8 +3561,8 @@ { "cve": "CVE-2025-5914", "epss": 0.00054, - "percentile": 0.17115, - "date": "2025-12-22" + "percentile": 0.17119, + "date": "2025-12-29" } ], "cwes": [ @@ -3656,64 +3656,233 @@ { "cve": "CVE-2025-4207", "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "percentile": 0.2093, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-4207", + "cwe": "CWE-126", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.036515 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-4207", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://www.postgresql.org/support/security/CVE-2025-4207/", + "http://www.openwall.com/lists/oss-security/2025/05/09/3", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + ], + "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "cvss": [ + { + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-4207", + "cwe": "CWE-126", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "libpq", + "version": "0:13.20-1.el9_5" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-4207", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "9e9440b1f6d978f7", + "name": "libpq", + "version": "13.20-1.el9_5", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:780001ea1a42e8b21b6f25c2a7ec8f0383247d69089019c716e7a7c0993ba62c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "PostgreSQL" + ], + "cpes": [ + "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", - "type": "Secondary" + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" } ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.036515 + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-4207", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-4207/", - "http://www.openwall.com/lists/oss-security/2025/05/09/3", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -3721,7 +3890,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3729,21 +3898,24 @@ "version": "9.6" }, "package": { - "name": "libpq", - "version": "0:13.20-1.el9_5" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-4207", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "9e9440b1f6d978f7", - "name": "libpq", - "version": "13.20-1.el9_5", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -3757,14 +3929,25 @@ ], "language": "", "licenses": [ - "PostgreSQL" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-8.el9_6" + } ], - "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3797,8 +3980,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -3844,8 +4027,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -3936,8 +4119,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3986,8 +4169,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -4078,8 +4261,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4127,8 +4310,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4219,8 +4402,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -4267,8 +4450,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -4348,255 +4531,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:780001ea1a42e8b21b6f25c2a7ec8f0383247d69089019c716e7a7c0993ba62c", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -4611,24 +4614,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -4642,23 +4642,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -4693,8 +4693,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4736,8 +4736,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4831,8 +4831,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4874,8 +4874,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4969,8 +4969,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -5017,8 +5017,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -5109,8 +5109,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5170,8 +5170,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5267,8 +5267,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5328,8 +5328,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5424,9 +5424,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5456,7 +5456,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -5499,9 +5499,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5609,8 +5609,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -5701,8 +5701,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5767,8 +5767,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5865,8 +5865,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5941,8 +5941,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -6042,8 +6042,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -6118,8 +6118,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -6230,8 +6230,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -6304,8 +6304,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -6399,8 +6399,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6441,8 +6441,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -6493,148 +6493,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:780001ea1a42e8b21b6f25c2a7ec8f0383247d69089019c716e7a7c0993ba62c", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -6650,45 +6513,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6696,28 +6545,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -6725,31 +6576,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6757,21 +6594,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-5.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "026da1974d66f84e", - "name": "libarchive", - "version": "3.5.3-5.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -6785,14 +6622,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6827,9 +6675,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -6845,7 +6693,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -6919,9 +6767,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -6937,7 +6785,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -6969,16 +6817,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:780001ea1a42e8b21b6f25c2a7ec8f0383247d69089019c716e7a7c0993ba62c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -6994,21 +6994,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-5.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "026da1974d66f84e", + "name": "libarchive", + "version": "3.5.3-5.el9_6", "type": "rpm", "locations": [ { @@ -7022,13 +7022,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-5.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-5.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-5.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -7062,8 +7062,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -7104,8 +7104,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7199,8 +7199,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -7241,8 +7241,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7311,6 +7311,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:780001ea1a42e8b21b6f25c2a7ec8f0383247d69089019c716e7a7c0993ba62c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -7336,8 +7481,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7398,8 +7543,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7490,8 +7635,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7543,8 +7688,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7635,8 +7780,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7688,8 +7833,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7791,8 +7936,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7845,8 +7990,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7948,8 +8093,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -8014,8 +8159,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -8112,8 +8257,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -8174,8 +8319,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -8266,8 +8411,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8314,8 +8459,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8411,8 +8556,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8459,8 +8604,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8556,8 +8701,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8604,8 +8749,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8701,8 +8846,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8749,8 +8894,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8846,8 +8991,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8907,8 +9052,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8999,8 +9144,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -9067,8 +9212,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -9176,8 +9321,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -9238,8 +9383,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -9330,8 +9475,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9400,8 +9545,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9498,8 +9643,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9560,8 +9705,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9627,6 +9772,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:780001ea1a42e8b21b6f25c2a7ec8f0383247d69089019c716e7a7c0993ba62c", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -9652,8 +9937,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9713,8 +9998,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -10133,87 +10418,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.8.2.md b/docs/security/agent/grype-25.8.2.md index 5037a4f..034d3e0 100644 --- a/docs/security/agent/grype-25.8.2.md +++ b/docs/security/agent/grype-25.8.2.md @@ -7,6 +7,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | --- | --- | --- | --- | | libarchive | 3.5.3-5.el9_6 | [CVE-2025-5914](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5914) | High | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988) | Medium | @@ -22,9 +23,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.8.2 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-5.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -33,13 +34,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.8.4.json b/docs/security/agent/grype-25.8.4.json index 478e672..ddd8173 100644 --- a/docs/security/agent/grype-25.8.4.json +++ b/docs/security/agent/grype-25.8.4.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1919,8 +1919,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2003,8 +2003,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2097,9 +2097,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2121,7 +2121,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2164,9 +2164,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2263,8 +2263,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2442,8 +2442,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2517,8 +2517,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2615,8 +2615,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2711,8 +2711,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2815,8 +2815,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2887,8 +2887,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2982,8 +2982,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3041,8 +3041,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3133,8 +3133,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3192,8 +3192,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3295,8 +3295,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3365,8 +3365,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3460,64 +3460,233 @@ { "cve": "CVE-2025-4207", "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "percentile": 0.2093, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-4207", + "cwe": "CWE-126", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.036515 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-4207", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://www.postgresql.org/support/security/CVE-2025-4207/", + "http://www.openwall.com/lists/oss-security/2025/05/09/3", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + ], + "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "cvss": [ + { + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-4207", + "epss": 0.00067, + "percentile": 0.2093, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-4207", + "cwe": "CWE-126", + "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "libpq", + "version": "0:13.20-1.el9_5" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-4207", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "9e9440b1f6d978f7", + "name": "libpq", + "version": "13.20-1.el9_5", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:0eb5d20b2dd38818489a79d48a0bb6d5c357f22db3ba9ae973ab798676877b5b", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "PostgreSQL" + ], + "cpes": [ + "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", + "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", - "type": "Secondary" + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" } ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.036515 + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-4207", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-4207", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://www.postgresql.org/support/security/CVE-2025-4207/", - "http://www.openwall.com/lists/oss-security/2025/05/09/3", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00011.html" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-4207", - "epss": 0.00067, - "percentile": 0.20903, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-4207", - "cwe": "CWE-126", - "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -3525,7 +3694,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3533,21 +3702,24 @@ "version": "9.6" }, "package": { - "name": "libpq", - "version": "0:13.20-1.el9_5" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-4207", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "9e9440b1f6d978f7", - "name": "libpq", - "version": "13.20-1.el9_5", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -3561,14 +3733,25 @@ ], "language": "", "licenses": [ - "PostgreSQL" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:redhat:libpq:13.20-1.el9_5:*:*:*:*:*:*:*", - "cpe:2.3:a:libpq:libpq:13.20-1.el9_5:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-8.el9_6" + } ], - "purl": "pkg:rpm/redhat/libpq@13.20-1.el9_5?arch=x86_64&distro=rhel-9.6&upstream=libpq-13.20-1.el9_5.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3601,8 +3784,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -3648,8 +3831,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -3740,8 +3923,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3790,8 +3973,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3882,8 +4065,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3931,8 +4114,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -4023,8 +4206,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -4071,8 +4254,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -4152,255 +4335,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:0eb5d20b2dd38818489a79d48a0bb6d5c357f22db3ba9ae973ab798676877b5b", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -4415,24 +4418,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -4446,23 +4446,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -4497,8 +4497,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4540,8 +4540,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4635,8 +4635,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4678,8 +4678,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4773,8 +4773,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4821,8 +4821,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4913,8 +4913,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4974,8 +4974,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5071,8 +5071,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5132,8 +5132,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -5228,9 +5228,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5260,7 +5260,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -5303,9 +5303,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5413,8 +5413,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -5505,8 +5505,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5571,8 +5571,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5669,8 +5669,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5745,8 +5745,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5846,8 +5846,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5922,8 +5922,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -6034,8 +6034,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -6108,8 +6108,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -6203,8 +6203,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6245,8 +6245,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -6297,148 +6297,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:0eb5d20b2dd38818489a79d48a0bb6d5c357f22db3ba9ae973ab798676877b5b", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -6454,45 +6317,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6500,28 +6349,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -6529,31 +6380,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6561,21 +6398,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -6589,14 +6426,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6631,9 +6479,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -6649,7 +6497,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -6723,9 +6571,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -6741,7 +6589,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -6773,16 +6621,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:0eb5d20b2dd38818489a79d48a0bb6d5c357f22db3ba9ae973ab798676877b5b", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -6798,21 +6798,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -6826,13 +6826,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -6866,8 +6866,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6908,8 +6908,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7003,8 +7003,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -7045,8 +7045,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7115,6 +7115,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:0eb5d20b2dd38818489a79d48a0bb6d5c357f22db3ba9ae973ab798676877b5b", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -7140,8 +7285,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7202,8 +7347,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7294,8 +7439,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7347,8 +7492,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7439,8 +7584,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7492,8 +7637,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7595,8 +7740,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7649,8 +7794,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7752,8 +7897,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7818,8 +7963,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7916,8 +8061,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7978,8 +8123,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -8070,8 +8215,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8118,8 +8263,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8215,8 +8360,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8263,8 +8408,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8360,8 +8505,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8408,8 +8553,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8505,8 +8650,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8553,8 +8698,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8650,8 +8795,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8711,8 +8856,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8803,8 +8948,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8871,8 +9016,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8980,8 +9125,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -9042,8 +9187,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -9134,8 +9279,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9204,8 +9349,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9302,8 +9447,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9364,8 +9509,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9431,6 +9576,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:0eb5d20b2dd38818489a79d48a0bb6d5c357f22db3ba9ae973ab798676877b5b", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -9456,8 +9741,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9517,8 +9802,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9937,87 +10222,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.8.4.md b/docs/security/agent/grype-25.8.4.md index 980ecc9..663aab7 100644 --- a/docs/security/agent/grype-25.8.4.md +++ b/docs/security/agent/grype-25.8.4.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988) | Medium | @@ -21,9 +22,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.8.3 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -32,13 +33,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.9.1.json b/docs/security/agent/grype-25.9.1.json index dac3417..fda0765 100644 --- a/docs/security/agent/grype-25.9.1.json +++ b/docs/security/agent/grype-25.9.1.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } - ], - "cwes": [ - { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + ], + "cwes": [ + { + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1919,8 +1919,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2003,8 +2003,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2097,9 +2097,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2121,7 +2121,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2164,9 +2164,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2263,8 +2263,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2442,8 +2442,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2517,8 +2517,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2615,8 +2615,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2711,8 +2711,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2815,8 +2815,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2887,8 +2887,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2982,8 +2982,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3041,8 +3041,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3133,8 +3133,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3192,8 +3192,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3295,8 +3295,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3309,71 +3309,243 @@ ], "fix": { "versions": [ - "0:3.8.3-6.el9_6.2" + "0:3.8.3-6.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.8.3-6.el9_6.2", + "date": "2025-09-18", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:16116", + "link": "https://access.redhat.com/errata/RHSA-2025:16116" + } + ], + "risk": 0.044289999999999996 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-32989", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2025:16115", + "https://access.redhat.com/errata/RHSA-2025:16116", + "https://access.redhat.com/errata/RHSA-2025:17181", + "https://access.redhat.com/errata/RHSA-2025:17348", + "https://access.redhat.com/errata/RHSA-2025:17361", + "https://access.redhat.com/errata/RHSA-2025:19088", + "https://access.redhat.com/errata/RHSA-2025:22529", + "https://access.redhat.com/security/cve/CVE-2025-32989", + "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", + "http://www.openwall.com/lists/oss-security/2025/07/11/3" + ], + "description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "metrics": { + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-32989", + "epss": 0.00086, + "percentile": 0.25191, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-32989", + "cwe": "CWE-295", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnutls", + "version": "0:3.8.3-6.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-32989", + "versionConstraint": "< 0:3.8.3-6.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.8.3-6.el9_6.2" + } + } + ], + "artifact": { + "id": "1f56fd24429e9f5d", + "name": "gnutls", + "version": "3.8.3-6.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:edd45c7762182a07027035e2eb9b73574f64ed728decb7abff3b667f77c65985", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+ and LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:gnutls:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnutls@3.8.3-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" ], "state": "fixed", "available": [ { - "version": "0:3.8.3-6.el9_6.2", - "date": "2025-09-18", + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:16116", - "link": "https://access.redhat.com/errata/RHSA-2025:16116" + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" } ], - "risk": 0.044289999999999996 + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-32989", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://access.redhat.com/errata/RHSA-2025:16115", - "https://access.redhat.com/errata/RHSA-2025:16116", - "https://access.redhat.com/errata/RHSA-2025:17181", - "https://access.redhat.com/errata/RHSA-2025:17348", - "https://access.redhat.com/errata/RHSA-2025:17361", - "https://access.redhat.com/errata/RHSA-2025:19088", - "https://access.redhat.com/errata/RHSA-2025:22529", - "https://access.redhat.com/security/cve/CVE-2025-32989", - "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", - "http://www.openwall.com/lists/oss-security/2025/07/11/3" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "secalert@redhat.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 5.3, + "baseScore": 9.8, "exploitabilityScore": 3.9, - "impactScore": 1.5 + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32989", - "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32989", - "cwe": "CWE-295", - "source": "secalert@redhat.com", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -3381,7 +3553,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3389,24 +3561,24 @@ "version": "9.6" }, "package": { - "name": "gnutls", - "version": "0:3.8.3-6.el9" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-32989", - "versionConstraint": "< 0:3.8.3-6.el9_6.2 (rpm)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" }, "fix": { - "suggestedVersion": "0:3.8.3-6.el9_6.2" + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "1f56fd24429e9f5d", - "name": "gnutls", - "version": "3.8.3-6.el9", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -3420,14 +3592,25 @@ ], "language": "", "licenses": [ - "GPLv3+ and LGPLv2+" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:gnutls:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-8.el9_6" + } ], - "purl": "pkg:rpm/redhat/gnutls@3.8.3-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3460,8 +3643,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3510,8 +3693,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3602,8 +3785,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3651,8 +3834,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3743,8 +3926,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3791,8 +3974,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3872,255 +4055,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:edd45c7762182a07027035e2eb9b73574f64ed728decb7abff3b667f77c65985", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -4135,24 +4138,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -4166,23 +4166,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -4217,8 +4217,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4260,8 +4260,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4355,8 +4355,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4398,8 +4398,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4493,8 +4493,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4541,8 +4541,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4633,8 +4633,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4694,8 +4694,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4791,8 +4791,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4852,8 +4852,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,9 +4948,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4980,7 +4980,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -5023,9 +5023,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5133,8 +5133,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -5225,8 +5225,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5291,8 +5291,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5389,8 +5389,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5465,8 +5465,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5566,8 +5566,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5642,8 +5642,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5754,8 +5754,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5828,8 +5828,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5923,8 +5923,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5965,8 +5965,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -6017,148 +6017,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:edd45c7762182a07027035e2eb9b73574f64ed728decb7abff3b667f77c65985", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -6174,45 +6037,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6220,28 +6069,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -6249,31 +6100,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6281,21 +6118,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -6309,14 +6146,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6351,9 +6199,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -6369,7 +6217,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -6443,9 +6291,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -6461,7 +6309,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -6493,16 +6341,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:edd45c7762182a07027035e2eb9b73574f64ed728decb7abff3b667f77c65985", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -6518,21 +6518,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -6546,13 +6546,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -6586,8 +6586,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6628,8 +6628,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6723,8 +6723,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6765,8 +6765,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6835,6 +6835,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:edd45c7762182a07027035e2eb9b73574f64ed728decb7abff3b667f77c65985", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6860,8 +7005,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6922,8 +7067,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7014,8 +7159,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7067,8 +7212,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7159,8 +7304,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7212,8 +7357,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7315,8 +7460,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7369,8 +7514,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7472,8 +7617,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7538,8 +7683,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7636,8 +7781,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7698,8 +7843,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7790,8 +7935,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7838,8 +7983,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7935,8 +8080,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7983,8 +8128,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8080,8 +8225,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8128,8 +8273,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8225,8 +8370,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8273,8 +8418,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8370,8 +8515,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8431,8 +8576,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8523,8 +8668,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8591,8 +8736,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8700,8 +8845,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8762,8 +8907,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8854,8 +8999,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8924,8 +9069,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9022,8 +9167,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9084,8 +9229,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9151,6 +9296,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:edd45c7762182a07027035e2eb9b73574f64ed728decb7abff3b667f77c65985", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -9176,8 +9461,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9237,8 +9522,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9657,87 +9942,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.9.1.md b/docs/security/agent/grype-25.9.1.md index ecdfff0..545450e 100644 --- a/docs/security/agent/grype-25.9.1.md +++ b/docs/security/agent/grype-25.9.1.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988) | Medium | @@ -19,9 +20,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.9.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -30,13 +31,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.9.2.json b/docs/security/agent/grype-25.9.2.json index 773802f..ccaecaa 100644 --- a/docs/security/agent/grype-25.9.2.json +++ b/docs/security/agent/grype-25.9.2.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } - ], - "cwes": [ - { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + ], + "cwes": [ + { + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1919,8 +1919,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2003,8 +2003,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2097,9 +2097,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2121,7 +2121,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2164,9 +2164,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2263,8 +2263,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2442,8 +2442,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2517,8 +2517,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2615,8 +2615,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2711,8 +2711,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2815,8 +2815,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2887,8 +2887,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2982,8 +2982,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3041,8 +3041,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3133,8 +3133,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3192,8 +3192,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3295,8 +3295,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3309,71 +3309,243 @@ ], "fix": { "versions": [ - "0:3.8.3-6.el9_6.2" + "0:3.8.3-6.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.8.3-6.el9_6.2", + "date": "2025-09-18", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:16116", + "link": "https://access.redhat.com/errata/RHSA-2025:16116" + } + ], + "risk": 0.044289999999999996 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-32989", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2025:16115", + "https://access.redhat.com/errata/RHSA-2025:16116", + "https://access.redhat.com/errata/RHSA-2025:17181", + "https://access.redhat.com/errata/RHSA-2025:17348", + "https://access.redhat.com/errata/RHSA-2025:17361", + "https://access.redhat.com/errata/RHSA-2025:19088", + "https://access.redhat.com/errata/RHSA-2025:22529", + "https://access.redhat.com/security/cve/CVE-2025-32989", + "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", + "http://www.openwall.com/lists/oss-security/2025/07/11/3" + ], + "description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "metrics": { + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-32989", + "epss": 0.00086, + "percentile": 0.25191, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-32989", + "cwe": "CWE-295", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnutls", + "version": "0:3.8.3-6.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-32989", + "versionConstraint": "< 0:3.8.3-6.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.8.3-6.el9_6.2" + } + } + ], + "artifact": { + "id": "1f56fd24429e9f5d", + "name": "gnutls", + "version": "3.8.3-6.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31a5b734e9d4104fb0b3d7e1a5c0073993812555c6fb7ab75c73300346a1cc7e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+ and LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:gnutls:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnutls@3.8.3-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" ], "state": "fixed", "available": [ { - "version": "0:3.8.3-6.el9_6.2", - "date": "2025-09-18", + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:16116", - "link": "https://access.redhat.com/errata/RHSA-2025:16116" + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" } ], - "risk": 0.044289999999999996 + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-32989", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://access.redhat.com/errata/RHSA-2025:16115", - "https://access.redhat.com/errata/RHSA-2025:16116", - "https://access.redhat.com/errata/RHSA-2025:17181", - "https://access.redhat.com/errata/RHSA-2025:17348", - "https://access.redhat.com/errata/RHSA-2025:17361", - "https://access.redhat.com/errata/RHSA-2025:19088", - "https://access.redhat.com/errata/RHSA-2025:22529", - "https://access.redhat.com/security/cve/CVE-2025-32989", - "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", - "http://www.openwall.com/lists/oss-security/2025/07/11/3" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "secalert@redhat.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 5.3, + "baseScore": 9.8, "exploitabilityScore": 3.9, - "impactScore": 1.5 + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32989", - "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32989", - "cwe": "CWE-295", - "source": "secalert@redhat.com", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -3381,7 +3553,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3389,24 +3561,24 @@ "version": "9.6" }, "package": { - "name": "gnutls", - "version": "0:3.8.3-6.el9" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-32989", - "versionConstraint": "< 0:3.8.3-6.el9_6.2 (rpm)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" }, "fix": { - "suggestedVersion": "0:3.8.3-6.el9_6.2" + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "1f56fd24429e9f5d", - "name": "gnutls", - "version": "3.8.3-6.el9", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -3420,14 +3592,25 @@ ], "language": "", "licenses": [ - "GPLv3+ and LGPLv2+" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:gnutls:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-8.el9_6" + } ], - "purl": "pkg:rpm/redhat/gnutls@3.8.3-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3460,8 +3643,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3510,8 +3693,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3602,8 +3785,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3651,8 +3834,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3743,8 +3926,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3791,8 +3974,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3872,255 +4055,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:31a5b734e9d4104fb0b3d7e1a5c0073993812555c6fb7ab75c73300346a1cc7e", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -4135,24 +4138,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -4166,23 +4166,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -4217,8 +4217,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4260,8 +4260,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4355,8 +4355,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4398,8 +4398,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4493,8 +4493,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4541,8 +4541,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4633,8 +4633,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4694,8 +4694,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4791,8 +4791,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4852,8 +4852,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,9 +4948,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4980,7 +4980,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -5023,9 +5023,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5133,8 +5133,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -5225,8 +5225,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5291,8 +5291,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5389,8 +5389,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5465,8 +5465,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5566,8 +5566,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5642,8 +5642,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5754,8 +5754,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5828,8 +5828,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5923,8 +5923,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5965,8 +5965,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -6017,148 +6017,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:31a5b734e9d4104fb0b3d7e1a5c0073993812555c6fb7ab75c73300346a1cc7e", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -6174,45 +6037,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6220,28 +6069,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -6249,31 +6100,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6281,21 +6118,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -6309,14 +6146,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6351,9 +6199,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -6369,7 +6217,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -6443,9 +6291,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -6461,7 +6309,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -6493,16 +6341,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31a5b734e9d4104fb0b3d7e1a5c0073993812555c6fb7ab75c73300346a1cc7e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -6518,21 +6518,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -6546,13 +6546,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -6586,8 +6586,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6628,8 +6628,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6723,8 +6723,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6765,8 +6765,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6835,6 +6835,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31a5b734e9d4104fb0b3d7e1a5c0073993812555c6fb7ab75c73300346a1cc7e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6860,8 +7005,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6922,8 +7067,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7014,8 +7159,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7067,8 +7212,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7159,8 +7304,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7212,8 +7357,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7315,8 +7460,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7369,8 +7514,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7472,8 +7617,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7538,8 +7683,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7636,8 +7781,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7698,8 +7843,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7790,8 +7935,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7838,8 +7983,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7935,8 +8080,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7983,8 +8128,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8080,8 +8225,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8128,8 +8273,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8225,8 +8370,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8273,8 +8418,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8370,8 +8515,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8431,8 +8576,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8523,8 +8668,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8591,8 +8736,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8700,8 +8845,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8762,8 +8907,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8854,8 +8999,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8924,8 +9069,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9022,8 +9167,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9084,8 +9229,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9151,6 +9296,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31a5b734e9d4104fb0b3d7e1a5c0073993812555c6fb7ab75c73300346a1cc7e", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -9176,8 +9461,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9237,8 +9522,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9657,87 +9942,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.9.2.md b/docs/security/agent/grype-25.9.2.md index 89d3bf0..6c37dad 100644 --- a/docs/security/agent/grype-25.9.2.md +++ b/docs/security/agent/grype-25.9.2.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988) | Medium | @@ -19,9 +20,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.9.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -30,13 +31,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.9.3.json b/docs/security/agent/grype-25.9.3.json index a45ad48..d7317ea 100644 --- a/docs/security/agent/grype-25.9.3.json +++ b/docs/security/agent/grype-25.9.3.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } - ], - "cwes": [ - { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + ], + "cwes": [ + { + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1919,8 +1919,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2003,8 +2003,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -2097,9 +2097,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2121,7 +2121,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -2164,9 +2164,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2263,8 +2263,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -2442,8 +2442,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2517,8 +2517,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2615,8 +2615,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2711,8 +2711,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2815,8 +2815,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2887,8 +2887,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -2982,8 +2982,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3041,8 +3041,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3133,8 +3133,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3192,8 +3192,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -3295,8 +3295,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -3309,71 +3309,243 @@ ], "fix": { "versions": [ - "0:3.8.3-6.el9_6.2" + "0:3.8.3-6.el9_6.2" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.8.3-6.el9_6.2", + "date": "2025-09-18", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:16116", + "link": "https://access.redhat.com/errata/RHSA-2025:16116" + } + ], + "risk": 0.044289999999999996 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-32989", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2025:16115", + "https://access.redhat.com/errata/RHSA-2025:16116", + "https://access.redhat.com/errata/RHSA-2025:17181", + "https://access.redhat.com/errata/RHSA-2025:17348", + "https://access.redhat.com/errata/RHSA-2025:17361", + "https://access.redhat.com/errata/RHSA-2025:19088", + "https://access.redhat.com/errata/RHSA-2025:22529", + "https://access.redhat.com/security/cve/CVE-2025-32989", + "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", + "http://www.openwall.com/lists/oss-security/2025/07/11/3" + ], + "description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "metrics": { + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-32989", + "epss": 0.00086, + "percentile": 0.25191, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-32989", + "cwe": "CWE-295", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnutls", + "version": "0:3.8.3-6.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-32989", + "versionConstraint": "< 0:3.8.3-6.el9_6.2 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.8.3-6.el9_6.2" + } + } + ], + "artifact": { + "id": "1f56fd24429e9f5d", + "name": "gnutls", + "version": "3.8.3-6.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:de18c09dd5fcfc989af528cd3e121a5e6b07cce0fbd4d56e9fe657c716887cd6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+ and LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:gnutls:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnutls@3.8.3-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" ], "state": "fixed", "available": [ { - "version": "0:3.8.3-6.el9_6.2", - "date": "2025-09-18", + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", "kind": "first-observed" } ] }, "advisories": [ { - "id": "RHSA-2025:16116", - "link": "https://access.redhat.com/errata/RHSA-2025:16116" + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" } ], - "risk": 0.044289999999999996 + "risk": 0.03572 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-32989", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://access.redhat.com/errata/RHSA-2025:16115", - "https://access.redhat.com/errata/RHSA-2025:16116", - "https://access.redhat.com/errata/RHSA-2025:17181", - "https://access.redhat.com/errata/RHSA-2025:17348", - "https://access.redhat.com/errata/RHSA-2025:17361", - "https://access.redhat.com/errata/RHSA-2025:19088", - "https://access.redhat.com/errata/RHSA-2025:22529", - "https://access.redhat.com/security/cve/CVE-2025-32989", - "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", - "http://www.openwall.com/lists/oss-security/2025/07/11/3" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "secalert@redhat.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 5.3, + "baseScore": 9.8, "exploitabilityScore": 3.9, - "impactScore": 1.5 + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-32989", - "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-32989", - "cwe": "CWE-295", - "source": "secalert@redhat.com", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -3381,7 +3553,7 @@ ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -3389,24 +3561,24 @@ "version": "9.6" }, "package": { - "name": "gnutls", - "version": "0:3.8.3-6.el9" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-32989", - "versionConstraint": "< 0:3.8.3-6.el9_6.2 (rpm)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" }, "fix": { - "suggestedVersion": "0:3.8.3-6.el9_6.2" + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "1f56fd24429e9f5d", - "name": "gnutls", - "version": "3.8.3-6.el9", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -3420,14 +3592,25 @@ ], "language": "", "licenses": [ - "GPLv3+ and LGPLv2+" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:gnutls:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:gnutls:3.8.3-6.el9:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "upstreams": [ + { + "name": "sqlite", + "version": "3.34.1-8.el9_6" + } ], - "purl": "pkg:rpm/redhat/gnutls@3.8.3-6.el9?arch=x86_64&distro=rhel-9.6&upstream=gnutls-3.8.3-6.el9.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -3460,8 +3643,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3510,8 +3693,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -3602,8 +3785,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3651,8 +3834,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3743,8 +3926,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3791,8 +3974,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3872,255 +4055,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:de18c09dd5fcfc989af528cd3e121a5e6b07cce0fbd4d56e9fe657c716887cd6", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -4135,24 +4138,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -4166,23 +4166,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -4217,8 +4217,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4260,8 +4260,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4355,8 +4355,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -4398,8 +4398,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -4493,8 +4493,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4541,8 +4541,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -4633,8 +4633,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4694,8 +4694,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4791,8 +4791,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4852,8 +4852,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,9 +4948,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4980,7 +4980,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -5023,9 +5023,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -5133,8 +5133,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -5225,8 +5225,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5291,8 +5291,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -5389,8 +5389,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5465,8 +5465,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5566,8 +5566,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5642,8 +5642,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5754,8 +5754,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5828,8 +5828,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5923,8 +5923,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5965,8 +5965,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -6017,148 +6017,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:de18c09dd5fcfc989af528cd3e121a5e6b07cce0fbd4d56e9fe657c716887cd6", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -6174,45 +6037,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -6220,28 +6069,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -6249,31 +6100,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -6281,21 +6118,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -6309,14 +6146,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -6351,9 +6199,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -6369,7 +6217,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -6443,9 +6291,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -6461,7 +6309,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -6493,16 +6341,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:de18c09dd5fcfc989af528cd3e121a5e6b07cce0fbd4d56e9fe657c716887cd6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -6518,21 +6518,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -6546,13 +6546,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -6586,8 +6586,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6628,8 +6628,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6723,8 +6723,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6765,8 +6765,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6835,6 +6835,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:de18c09dd5fcfc989af528cd3e121a5e6b07cce0fbd4d56e9fe657c716887cd6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6860,8 +7005,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6922,8 +7067,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -7014,8 +7159,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7067,8 +7212,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7159,8 +7304,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7212,8 +7357,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -7315,8 +7460,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7369,8 +7514,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -7472,8 +7617,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7538,8 +7683,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -7636,8 +7781,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7698,8 +7843,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7790,8 +7935,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7838,8 +7983,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7935,8 +8080,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7983,8 +8128,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8080,8 +8225,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8128,8 +8273,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8225,8 +8370,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8273,8 +8418,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -8370,8 +8515,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8431,8 +8576,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -8523,8 +8668,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8591,8 +8736,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8700,8 +8845,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8762,8 +8907,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8854,8 +8999,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8924,8 +9069,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -9022,8 +9167,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9084,8 +9229,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -9151,6 +9296,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:de18c09dd5fcfc989af528cd3e121a5e6b07cce0fbd4d56e9fe657c716887cd6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -9176,8 +9461,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9237,8 +9522,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -9662,87 +9947,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.9.3.md b/docs/security/agent/grype-25.9.3.md index b0b1842..de29e95 100644 --- a/docs/security/agent/grype-25.9.3.md +++ b/docs/security/agent/grype-25.9.3.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990) | Medium | | gnutls | 3.8.3-6.el9 | [CVE-2025-32988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988) | Medium | @@ -19,9 +20,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.9.3 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -30,13 +31,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.9.4.json b/docs/security/agent/grype-25.9.4.json index 00d4fa4..a305dcb 100644 --- a/docs/security/agent/grype-25.9.4.json +++ b/docs/security/agent/grype-25.9.4.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31c1d80278b580350ac8dcff6fe6fff4776f3eaaed9a4d70f5626a0a79f96cb2", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:31c1d80278b580350ac8dcff6fe6fff4776f3eaaed9a4d70f5626a0a79f96cb2", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:31c1d80278b580350ac8dcff6fe6fff4776f3eaaed9a4d70f5626a0a79f96cb2", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31c1d80278b580350ac8dcff6fe6fff4776f3eaaed9a4d70f5626a0a79f96cb2", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31c1d80278b580350ac8dcff6fe6fff4776f3eaaed9a4d70f5626a0a79f96cb2", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:31c1d80278b580350ac8dcff6fe6fff4776f3eaaed9a4d70f5626a0a79f96cb2", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8972,87 +9257,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.9.4.md b/docs/security/agent/grype-25.9.4.md index 4288986..918789b 100644 --- a/docs/security/agent/grype-25.9.4.md +++ b/docs/security/agent/grype-25.9.4.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.9.4 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-25.9.5.json b/docs/security/agent/grype-25.9.5.json index 0c8fa62..210e081 100644 --- a/docs/security/agent/grype-25.9.5.json +++ b/docs/security/agent/grype-25.9.5.json @@ -25,8 +25,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -88,8 +88,8 @@ { "cve": "CVE-2024-56433", "epss": 0.05074, - "percentile": 0.89434, - "date": "2025-12-22" + "percentile": 0.89443, + "date": "2025-12-29" } ], "cwes": [ @@ -189,8 +189,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -268,8 +268,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -349,20 +349,20 @@ }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, + "baseScore": 5.5, + "exploitabilityScore": 1.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -370,45 +370,52 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.35997500000000004 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-34459", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "namespace": "nvd:cpe", "severity": "High", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", + "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", + "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { "baseScore": 7.5, "exploitabilityScore": 3.9, @@ -419,16 +426,16 @@ ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-34459", + "epss": 0.00847, + "percentile": 0.74262, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", + "cve": "CVE-2024-34459", + "cwe": "CWE-122", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } @@ -445,21 +452,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1" + "name": "libxml2", + "version": "0:2.9.13-12.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-34459", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "7dc75dc862d10c78", - "name": "openssl", - "version": "1:3.2.2-6.el9_5.1", + "id": "66b25e26e34fcd34", + "name": "libxml2", + "version": "2.9.13-12.el9_6", "type": "rpm", "locations": [ { @@ -473,105 +480,122 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-41996", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { "versions": [], - "state": "wont-fix" + "state": "not-fixed" }, "advisories": [], - "risk": 0.4165200000000001 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-41996", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://dheatattack.gitlab.io/details/", - "https://dheatattack.gitlab.io/faq/", - "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-41996", - "epss": 0.00936, - "percentile": 0.75593, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-41996", - "cwe": "CWE-295", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -586,21 +610,21 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-41996", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "707ec843794b77ca", + "name": "curl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -614,67 +638,67 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "MIT" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "curl", + "version": "7.76.1-31.el9_6.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-34459", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the `--htmlout` command line option, causing an application crash and resulting in a denial of service.", + "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 1.1, + "impactScore": 4.3 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { @@ -682,62 +706,72 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.35997500000000004 + "risk": 0.33034 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-34459", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", + "id": "CVE-2024-7264", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", "namespace": "nvd:cpe", - "severity": "High", + "severity": "Medium", "urls": [ - "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", - "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", - "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", - "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" + "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "https://curl.se/docs/CVE-2024-7264.html", + "https://curl.se/docs/CVE-2024-7264.json", + "https://hackerone.com/reports/2629968", + "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "https://security.netapp.com/advisory/ntap-20240828-0008/", + "https://security.netapp.com/advisory/ntap-20241025-0006/", + "https://security.netapp.com/advisory/ntap-20241025-0010/" ], - "description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", + "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 6.5, + "exploitabilityScore": 2.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 + "baseScore": 6.3, + "exploitabilityScore": 2.9, + "impactScore": 3.4 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-34459", - "epss": 0.00847, - "percentile": 0.74263, - "date": "2025-12-22" + "cve": "CVE-2024-7264", + "epss": 0.00796, + "percentile": 0.73411, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-34459", - "cwe": "CWE-122", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2024-7264", + "cwe": "CWE-125", + "source": "nvd@nist.gov", + "type": "Primary" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -745,21 +779,21 @@ "version": "9.6" }, "package": { - "name": "libxml2", - "version": "0:2.9.13-12.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-34459", + "vulnerabilityID": "CVE-2024-7264", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "66b25e26e34fcd34", - "name": "libxml2", - "version": "2.9.13-12.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -776,11 +810,22 @@ "MIT" ], "cpes": [ - "cpe:2.3:a:libxml2:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libxml2:2.9.13-12.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libxml2@2.9.13-12.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libxml2-2.9.13-12.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -790,112 +835,95 @@ }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } ], "matchDetails": [ { - "type": "exact-indirect-match", + "type": "exact-direct-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -903,21 +931,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "707ec843794b77ca", - "name": "curl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "7dc75dc862d10c78", + "name": "openssl", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -931,133 +959,105 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:curl-minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl-minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } + "cpe:2.3:a:openssl:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], + "purl": "pkg:rpm/redhat/openssl@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } }, { "vulnerability": { - "id": "CVE-2024-7264", - "dataSource": "https://access.redhat.com/security/cve/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://access.redhat.com/security/cve/CVE-2024-41996", "namespace": "redhat:distro:redhat:9", "severity": "Low", "urls": [], - "description": "A flaw was found in libcurl, where libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.", + "description": "A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 1.1, - "impactScore": 4.3 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ], "fix": { "versions": [], - "state": "not-fixed" + "state": "wont-fix" }, "advisories": [], - "risk": 0.33034 + "risk": 0.2621050000000001 }, "relatedVulnerabilities": [ { - "id": "CVE-2024-7264", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264", + "id": "CVE-2024-41996", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-41996", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "http://www.openwall.com/lists/oss-security/2024/07/31/1", - "https://curl.se/docs/CVE-2024-7264.html", - "https://curl.se/docs/CVE-2024-7264.json", - "https://hackerone.com/reports/2629968", - "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", - "https://security.netapp.com/advisory/ntap-20240828-0008/", - "https://security.netapp.com/advisory/ntap-20241025-0006/", - "https://security.netapp.com/advisory/ntap-20241025-0010/" + "https://dheatattack.gitlab.io/details/", + "https://dheatattack.gitlab.io/faq/", + "https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1" ], - "description": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "description": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.", "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 6.5, - "exploitabilityScore": 2.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 6.3, - "exploitabilityScore": 2.9, - "impactScore": 3.4 + "baseScore": 7.5, + "exploitabilityScore": 3.9, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-7264", - "epss": 0.00796, - "percentile": 0.73412, - "date": "2025-12-22" + "cve": "CVE-2024-41996", + "epss": 0.00589, + "percentile": 0.68471, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-7264", - "cwe": "CWE-125", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-41996", + "cwe": "CWE-295", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" } ] } @@ -1072,21 +1072,21 @@ "version": "9.6" }, "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-7264", + "vulnerabilityID": "CVE-2024-41996", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", "type": "rpm", "locations": [ { @@ -1100,28 +1100,28 @@ ], "language": "", "licenses": [ - "MIT" + "ASL 2.0" ], "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", "upstreams": [ { - "name": "curl", - "version": "7.76.1-31.el9_6.1" + "name": "openssl", + "version": "3.2.2-6.el9_5.1" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": null, + "epoch": 1, "modularityLabel": "" } } @@ -1152,7 +1152,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1223,7 +1223,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1326,7 +1326,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1397,7 +1397,7 @@ "cve": "CVE-2024-9681", "epss": 0.0058, "percentile": 0.6819, - "date": "2025-12-22" + "date": "2025-12-29" } ], "cwes": [ @@ -1499,8 +1499,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1544,8 +1544,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1639,8 +1639,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ], "fix": { @@ -1684,8 +1684,8 @@ { "cve": "CVE-2024-11053", "epss": 0.00337, - "percentile": 0.56012, - "date": "2025-12-22" + "percentile": 0.56019, + "date": "2025-12-29" } ] } @@ -1779,8 +1779,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1827,8 +1827,8 @@ { "cve": "CVE-2025-14087", "epss": 0.00259, - "percentile": 0.49054, - "date": "2025-12-22" + "percentile": 0.49029, + "date": "2025-12-29" } ], "cwes": [ @@ -1918,9 +1918,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -1942,7 +1942,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0759 + "risk": 0.08233999999999998 }, "relatedVulnerabilities": [ { @@ -1985,9 +1985,9 @@ "epss": [ { "cve": "CVE-2023-32636", - "epss": 0.00165, - "percentile": 0.38076, - "date": "2025-12-22" + "epss": 0.00179, + "percentile": 0.39805, + "date": "2025-12-29" } ], "cwes": [ @@ -2084,8 +2084,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2159,8 +2159,8 @@ { "cve": "CVE-2025-27113", "epss": 0.00217, - "percentile": 0.44282, - "date": "2025-12-22" + "percentile": 0.44225, + "date": "2025-12-29" } ], "cwes": [ @@ -2257,8 +2257,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-1632", "epss": 0.00198, - "percentile": 0.42125, - "date": "2025-12-22" + "percentile": 0.42081, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2516,8 +2516,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2608,8 +2608,8 @@ { "cve": "CVE-2024-13176", "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "percentile": 0.32223, + "date": "2025-12-29" } ], "cwes": [ @@ -2629,53 +2629,233 @@ }, "relatedVulnerabilities": [ { - "id": "CVE-2024-13176", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "id": "CVE-2024-13176", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", + "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", + "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", + "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", + "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", + "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", + "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", + "https://openssl-library.org/news/secadv/20250120.txt", + "http://www.openwall.com/lists/oss-security/2025/01/20/2", + "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", + "https://security.netapp.com/advisory/ntap-20250124-0005/", + "https://security.netapp.com/advisory/ntap-20250418-0010/", + "https://security.netapp.com/advisory/ntap-20250502-0006/" + ], + "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "metrics": { + "baseScore": 4.1, + "exploitabilityScore": 0.7, + "impactScore": 3.4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-13176", + "epss": 0.00123, + "percentile": 0.32223, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-13176", + "cwe": "CWE-385", + "source": "openssl-security@openssl.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-indirect-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2024-13176", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "58e683943e8aac02", + "name": "openssl-libs", + "version": "1:3.2.2-6.el9_5.1", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:fccb81fb540d5b4e467b87b6d604c622913310c0660cbde4906373164f0362a6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "ASL 2.0" + ], + "cpes": [ + "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "upstreams": [ + { + "name": "openssl", + "version": "3.2.2-6.el9_5.1" + } + ], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": 1, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-6965", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", + "metrics": { + "baseScore": 7.7, + "exploitabilityScore": 1.8, + "impactScore": 5.3 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [ + "0:3.34.1-9.el9_7" + ], + "state": "fixed", + "available": [ + { + "version": "0:3.34.1-9.el9_7", + "date": "2025-11-12", + "kind": "first-observed" + } + ] + }, + "advisories": [ + { + "id": "RHSA-2025:20936", + "link": "https://access.redhat.com/errata/RHSA-2025:20936" + } + ], + "risk": 0.03572 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-6965", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "Critical", "urls": [ - "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", - "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", - "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", - "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", - "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", - "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", - "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", - "https://openssl-library.org/news/secadv/20250120.txt", - "http://www.openwall.com/lists/oss-security/2025/01/20/2", - "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", - "https://security.netapp.com/advisory/ntap-20250124-0005/", - "https://security.netapp.com/advisory/ntap-20250418-0010/", - "https://security.netapp.com/advisory/ntap-20250502-0006/" + "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", + "http://seclists.org/fulldisclosure/2025/Sep/49", + "http://seclists.org/fulldisclosure/2025/Sep/53", + "http://seclists.org/fulldisclosure/2025/Sep/56", + "http://seclists.org/fulldisclosure/2025/Sep/57", + "http://seclists.org/fulldisclosure/2025/Sep/58", + "http://www.openwall.com/lists/oss-security/2025/09/06/1" ], - "description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", + "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "cvss": [ { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "metrics": { - "baseScore": 4.1, - "exploitabilityScore": 0.7, - "impactScore": 3.4 + "baseScore": 9.8, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + "vendorMetadata": {} + }, + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "version": "4.0", + "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", + "metrics": { + "baseScore": 7.2 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2024-13176", - "epss": 0.00123, - "percentile": 0.32294, - "date": "2025-12-22" + "cve": "CVE-2025-6965", + "epss": 0.00047, + "percentile": 0.14384, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2024-13176", - "cwe": "CWE-385", - "source": "openssl-security@openssl.org", + "cve": "CVE-2025-6965", + "cwe": "CWE-197", + "source": "cve-coordination@google.com", "type": "Secondary" } ] @@ -2691,21 +2871,24 @@ "version": "9.6" }, "package": { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2024-13176", - "versionConstraint": "none (unknown)" + "vulnerabilityID": "CVE-2025-6965", + "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" + }, + "fix": { + "suggestedVersion": "0:3.34.1-9.el9_7" } } ], "artifact": { - "id": "58e683943e8aac02", - "name": "openssl-libs", - "version": "1:3.2.2-6.el9_5.1", + "id": "589dcf3821f954e5", + "name": "sqlite-libs", + "version": "3.34.1-8.el9_6", "type": "rpm", "locations": [ { @@ -2719,28 +2902,28 @@ ], "language": "", "licenses": [ - "ASL 2.0" + "Public Domain" ], "cpes": [ - "cpe:2.3:a:openssl-libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl-libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl_libs:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:openssl:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl-libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:openssl_libs:1\\:3.2.2-6.el9_5.1:*:*:*:*:*:*:*" + "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5.1?arch=x86_64&distro=rhel-9.6&epoch=1&upstream=openssl-3.2.2-6.el9_5.1.src.rpm", + "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", "upstreams": [ { - "name": "openssl", - "version": "3.2.2-6.el9_5.1" + "name": "sqlite", + "version": "3.34.1-8.el9_6" } ], "metadataType": "RpmMetadata", "metadata": { - "epoch": 1, + "epoch": null, "modularityLabel": "" } } @@ -2770,8 +2953,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2820,8 +3003,8 @@ { "cve": "CVE-2023-45322", "epss": 0.00076, - "percentile": 0.23191, - "date": "2025-12-22" + "percentile": 0.23143, + "date": "2025-12-29" } ], "cwes": [ @@ -2912,8 +3095,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -2961,8 +3144,8 @@ { "cve": "CVE-2025-3360", "epss": 0.00089, - "percentile": 0.25962, - "date": "2025-12-22" + "percentile": 0.25851, + "date": "2025-12-29" } ], "cwes": [ @@ -3053,8 +3236,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3101,8 +3284,8 @@ { "cve": "CVE-2022-41409", "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ @@ -3182,255 +3365,75 @@ "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.025315 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2022-41409", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", - "https://github.com/PCRE2Project/pcre2/issues/141" - ], - "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", - "cvss": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2022-41409", - "epss": 0.00061, - "percentile": 0.19171, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2022-41409", - "cwe": "CWE-190", - "source": "nvd@nist.gov", - "type": "Primary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "pcre2", - "version": "10.40-6.el9" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2022-41409", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "79b3a388130aa9b9", - "name": "pcre2-syntax", - "version": "10.40-6.el9", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:fccb81fb540d5b4e467b87b6d604c622913310c0660cbde4906373164f0362a6", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "BSD" - ], - "cpes": [ - "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", - "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", - "upstreams": [ - { - "name": "pcre2", - "version": "10.40-6.el9" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-6965", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-6965", - "namespace": "redhat:distro:redhat:9", - "severity": "High", - "urls": [], - "description": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", - "metrics": { - "baseScore": 7.7, - "exploitabilityScore": 1.8, - "impactScore": 5.3 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ], "fix": { - "versions": [ - "0:3.34.1-9.el9_7" - ], - "state": "fixed", - "available": [ - { - "version": "0:3.34.1-9.el9_7", - "date": "2025-11-12", - "kind": "first-observed" - } - ] + "versions": [], + "state": "not-fixed" }, - "advisories": [ - { - "id": "RHSA-2025:20936", - "link": "https://access.redhat.com/errata/RHSA-2025:20936" - } - ], - "risk": 0.02508 + "advisories": [], + "risk": 0.025315 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-6965", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965", + "id": "CVE-2022-41409", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "namespace": "nvd:cpe", - "severity": "Critical", + "severity": "High", "urls": [ - "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8", - "http://seclists.org/fulldisclosure/2025/Sep/49", - "http://seclists.org/fulldisclosure/2025/Sep/53", - "http://seclists.org/fulldisclosure/2025/Sep/56", - "http://seclists.org/fulldisclosure/2025/Sep/57", - "http://seclists.org/fulldisclosure/2025/Sep/58", - "http://www.openwall.com/lists/oss-security/2025/09/06/1" + "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", + "https://github.com/PCRE2Project/pcre2/issues/141" ], - "description": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", + "description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "cvss": [ { "source": "nvd@nist.gov", "type": "Primary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 9.8, + "baseScore": 7.5, "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - "vendorMetadata": {} - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "version": "4.0", - "vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green", - "metrics": { - "baseScore": 7.2 + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-6965", - "epss": 0.00033, - "percentile": 0.0922, - "date": "2025-12-22" + "cve": "CVE-2022-41409", + "epss": 0.00061, + "percentile": 0.19192, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-6965", - "cwe": "CWE-197", - "source": "cve-coordination@google.com", - "type": "Secondary" + "cve": "CVE-2022-41409", + "cwe": "CWE-190", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -3445,24 +3448,21 @@ "version": "9.6" }, "package": { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-6965", - "versionConstraint": "< 0:3.34.1-9.el9_7 (rpm)" - }, - "fix": { - "suggestedVersion": "0:3.34.1-9.el9_7" + "vulnerabilityID": "CVE-2022-41409", + "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "589dcf3821f954e5", - "name": "sqlite-libs", - "version": "3.34.1-8.el9_6", + "id": "79b3a388130aa9b9", + "name": "pcre2-syntax", + "version": "10.40-6.el9", "type": "rpm", "locations": [ { @@ -3476,23 +3476,23 @@ ], "language": "", "licenses": [ - "Public Domain" + "BSD" ], "cpes": [ - "cpe:2.3:a:sqlite-libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite-libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite_libs:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite-libs:3.34.1-8.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:sqlite:sqlite_libs:3.34.1-8.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:pcre2-syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2-syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2_syntax:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2-syntax:10.40-6.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:pcre2:pcre2_syntax:10.40-6.el9:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/sqlite-libs@3.34.1-8.el9_6?arch=x86_64&distro=rhel-9.6&upstream=sqlite-3.34.1-8.el9_6.src.rpm", + "purl": "pkg:rpm/redhat/pcre2-syntax@10.40-6.el9?arch=noarch&distro=rhel-9.6&upstream=pcre2-10.40-6.el9.src.rpm", "upstreams": [ { - "name": "sqlite", - "version": "3.34.1-8.el9_6" + "name": "pcre2", + "version": "10.40-6.el9" } ], "metadataType": "RpmMetadata", @@ -3527,8 +3527,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3570,8 +3570,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3665,8 +3665,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ], "fix": { @@ -3708,8 +3708,8 @@ { "cve": "CVE-2023-50495", "epss": 0.00051, - "percentile": 0.15927, - "date": "2025-12-22" + "percentile": 0.15924, + "date": "2025-12-29" } ] } @@ -3803,8 +3803,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3851,8 +3851,8 @@ { "cve": "CVE-2025-14512", "epss": 0.00037, - "percentile": 0.10696, - "date": "2025-12-22" + "percentile": 0.10732, + "date": "2025-12-29" } ], "cwes": [ @@ -3943,8 +3943,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4004,8 +4004,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4101,8 +4101,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4162,8 +4162,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -4258,9 +4258,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4290,7 +4290,7 @@ "link": "https://access.redhat.com/errata/RHSA-2025:22660" } ], - "risk": 0.02037 + "risk": 0.019885 }, "relatedVulnerabilities": [ { @@ -4333,9 +4333,9 @@ "epss": [ { "cve": "CVE-2025-4598", - "epss": 0.00042, - "percentile": 0.1258, - "date": "2025-12-22" + "epss": 0.00041, + "percentile": 0.1233, + "date": "2025-12-29" } ], "cwes": [ @@ -4443,8 +4443,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4535,8 +4535,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4601,8 +4601,8 @@ { "cve": "CVE-2023-4156", "epss": 0.00031, - "percentile": 0.08434, - "date": "2025-12-22" + "percentile": 0.08521, + "date": "2025-12-29" } ], "cwes": [ @@ -4699,8 +4699,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4775,8 +4775,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4876,8 +4876,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -4952,8 +4952,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -5064,8 +5064,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5138,8 +5138,8 @@ { "cve": "CVE-2025-9714", "epss": 0.00024, - "percentile": 0.05734, - "date": "2025-12-22" + "percentile": 0.05777, + "date": "2025-12-29" } ], "cwes": [ @@ -5233,8 +5233,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5275,8 +5275,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -5327,148 +5327,11 @@ "cpe:2.3:a:curl_minimal:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl_minimal:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" - ], - "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", - "upstreams": [ - { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - } - ], - "metadataType": "RpmMetadata", - "metadata": { - "epoch": null, - "modularityLabel": "" - } - } - }, - { - "vulnerability": { - "id": "CVE-2025-9086", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", - "namespace": "redhat:distro:redhat:9", - "severity": "Medium", - "urls": [], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.01133 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2025-9086", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", - "namespace": "nvd:cpe", - "severity": "High", - "urls": [ - "https://curl.se/docs/CVE-2025-9086.html", - "https://curl.se/docs/CVE-2025-9086.json", - "https://hackerone.com/reports/3294999", - "http://www.openwall.com/lists/oss-security/2025/09/10/1" - ], - "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "metrics": { - "baseScore": 7.5, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-9086", - "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-indirect-match", - "matcher": "rpm-matcher", - "searchedBy": { - "distro": { - "type": "redhat", - "version": "9.6" - }, - "package": { - "name": "curl", - "version": "7.76.1-31.el9_6.1" - }, - "namespace": "redhat:distro:redhat:9" - }, - "found": { - "vulnerabilityID": "CVE-2025-9086", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "220f5f360bc1aff5", - "name": "libcurl-minimal", - "version": "7.76.1-31.el9_6.1", - "type": "rpm", - "locations": [ - { - "path": "/var/lib/rpm/rpmdb.sqlite", - "layerID": "sha256:fccb81fb540d5b4e467b87b6d604c622913310c0660cbde4906373164f0362a6", - "accessPath": "/var/lib/rpm/rpmdb.sqlite", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [ - "MIT" - ], - "cpes": [ - "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + "cpe:2.3:a:redhat:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:curl:curl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "purl": "pkg:rpm/redhat/curl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", "upstreams": [ { "name": "curl", @@ -5484,45 +5347,31 @@ }, { "vulnerability": { - "id": "CVE-2025-60753", - "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-9086", "namespace": "redhat:distro:redhat:9", "severity": "Medium", "urls": [], - "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\nhostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\nSince this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\nboundary\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, - "impactScore": 3.6 + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -5530,28 +5379,30 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0105 + "risk": 0.01133 }, "relatedVulnerabilities": [ { - "id": "CVE-2025-60753", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "id": "CVE-2025-9086", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086", "namespace": "nvd:cpe", - "severity": "Medium", + "severity": "High", "urls": [ - "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", - "https://github.com/libarchive/libarchive/issues/2725" + "https://curl.se/docs/CVE-2025-9086.html", + "https://curl.se/docs/CVE-2025-9086.json", + "https://hackerone.com/reports/3294999", + "http://www.openwall.com/lists/oss-security/2025/09/10/1" ], - "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "description": "1. A cookie is set using the `secure` keyword for `https://target`\n2. curl is redirected to or otherwise made to speak with `http://target` (same\n hostname, but using clear text HTTP) using the same cookie set\n3. The same cookie name is set - but with just a slash as path (`path='/'`).\n Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.", "cvss": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 1.9, + "baseScore": 7.5, + "exploitabilityScore": 3.9, "impactScore": 3.6 }, "vendorMetadata": {} @@ -5559,31 +5410,17 @@ ], "epss": [ { - "cve": "CVE-2025-60753", - "epss": 0.0002, - "percentile": 0.04698, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-60753", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - }, - { - "cve": "CVE-2025-60753", - "cwe": "CWE-835", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" + "cve": "CVE-2025-9086", + "epss": 0.00022, + "percentile": 0.051, + "date": "2025-12-29" } ] } ], "matchDetails": [ { - "type": "exact-direct-match", + "type": "exact-indirect-match", "matcher": "rpm-matcher", "searchedBy": { "distro": { @@ -5591,21 +5428,21 @@ "version": "9.6" }, "package": { - "name": "libarchive", - "version": "0:3.5.3-6.el9_6" + "name": "curl", + "version": "7.76.1-31.el9_6.1" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-60753", + "vulnerabilityID": "CVE-2025-9086", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "5fe8b53173092253", - "name": "libarchive", - "version": "3.5.3-6.el9_6", + "id": "220f5f360bc1aff5", + "name": "libcurl-minimal", + "version": "7.76.1-31.el9_6.1", "type": "rpm", "locations": [ { @@ -5619,14 +5456,25 @@ ], "language": "", "licenses": [ - "BSD" + "MIT" ], "cpes": [ - "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" + "cpe:2.3:a:libcurl-minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl-minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl_minimal:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:libcurl:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl-minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libcurl_minimal:7.76.1-31.el9_6.1:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/libcurl-minimal@7.76.1-31.el9_6.1?arch=x86_64&distro=rhel-9.6&upstream=curl-7.76.1-31.el9_6.1.src.rpm", + "upstreams": [ + { + "name": "curl", + "version": "7.76.1-31.el9_6.1" + } ], - "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", - "upstreams": [], "metadataType": "RpmMetadata", "metadata": { "epoch": null, @@ -5661,9 +5509,9 @@ "epss": [ { "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" } ], "cwes": [ @@ -5679,7 +5527,7 @@ "state": "" }, "advisories": [], - "risk": 0.009975000000000001 + "risk": 0.011025000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -5753,9 +5601,9 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" } ], "cwes": [ @@ -5771,7 +5619,7 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.009525 + "risk": 0.010795 }, "relatedVulnerabilities": [ { @@ -5803,16 +5651,168 @@ "epss": [ { "cve": "CVE-2025-13601", - "epss": 0.00015, - "percentile": 0.02479, - "date": "2025-12-22" + "epss": 0.00017, + "percentile": 0.03099, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-13601", + "cwe": "CWE-190", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "glib2", + "version": "0:2.68.4-16.el9_6.2" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-13601", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "35f4edf399bccea5", + "name": "glib2", + "version": "2.68.4-16.el9_6.2", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:fccb81fb540d5b4e467b87b6d604c622913310c0660cbde4906373164f0362a6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "LGPLv2+" + ], + "cpes": [ + "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, + { + "vulnerability": { + "id": "CVE-2025-60753", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-60753", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A vulnerability in apply_substitution() function in libarchive's bsdtar allows crafted -s substitution rules to repeatedly match a zero-length substring and append replacements without advancing the input pointer. When the rule uses the global /g flag (or an explicitly empty pattern), this leads to unbounded output allocation and eventual process OOM (Denial of Service). Upgrade to libarchive 3.8.1 or apply a patch that prevents zero-length match loops or rejects empty patterns.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0105 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-60753", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753", + "https://github.com/libarchive/libarchive/issues/2725" + ], + "description": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 1.9, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-60753", + "epss": 0.0002, + "percentile": 0.04757, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2025-13601", - "cwe": "CWE-190", - "source": "secalert@redhat.com", + "cve": "CVE-2025-60753", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + }, + { + "cve": "CVE-2025-60753", + "cwe": "CWE-835", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] @@ -5828,21 +5828,21 @@ "version": "9.6" }, "package": { - "name": "glib2", - "version": "0:2.68.4-16.el9_6.2" + "name": "libarchive", + "version": "0:3.5.3-6.el9_6" }, "namespace": "redhat:distro:redhat:9" }, "found": { - "vulnerabilityID": "CVE-2025-13601", + "vulnerabilityID": "CVE-2025-60753", "versionConstraint": "none (unknown)" } } ], "artifact": { - "id": "35f4edf399bccea5", - "name": "glib2", - "version": "2.68.4-16.el9_6.2", + "id": "5fe8b53173092253", + "name": "libarchive", + "version": "3.5.3-6.el9_6", "type": "rpm", "locations": [ { @@ -5856,13 +5856,13 @@ ], "language": "", "licenses": [ - "LGPLv2+" + "BSD" ], "cpes": [ - "cpe:2.3:a:redhat:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:glib2:glib2:2.68.4-16.el9_6.2:*:*:*:*:*:*:*" + "cpe:2.3:a:libarchive:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:libarchive:3.5.3-6.el9_6:*:*:*:*:*:*:*" ], - "purl": "pkg:rpm/redhat/glib2@2.68.4-16.el9_6.2?arch=x86_64&distro=rhel-9.6&upstream=glib2-2.68.4-16.el9_6.2.src.rpm", + "purl": "pkg:rpm/redhat/libarchive@3.5.3-6.el9_6?arch=x86_64&distro=rhel-9.6&upstream=libarchive-3.5.3-6.el9_6.src.rpm", "upstreams": [], "metadataType": "RpmMetadata", "metadata": { @@ -5896,8 +5896,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -5938,8 +5938,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6033,8 +6033,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6075,8 +6075,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -6145,6 +6145,151 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68973", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68973", + "namespace": "redhat:distro:redhat:9", + "severity": "High", + "urls": [], + "description": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.00918 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68973", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", + "namespace": "nvd:cpe", + "severity": "High", + "urls": [ + "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", + "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", + "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", + "https://gpg.fail/memcpy", + "https://news.ycombinator.com/item?id=46403200", + "https://www.openwall.com/lists/oss-security/2025/12/28/5", + "http://www.openwall.com/lists/oss-security/2025/12/29/11" + ], + "description": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", + "metrics": { + "baseScore": 7.8, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68973", + "epss": 0.00012, + "percentile": 0.01397, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68973", + "cwe": "CWE-675", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68973", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:fccb81fb540d5b4e467b87b6d604c622913310c0660cbde4906373164f0362a6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-5915", @@ -6170,8 +6315,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6232,8 +6377,8 @@ { "cve": "CVE-2025-5915", "epss": 0.00026, - "percentile": 0.06524, - "date": "2025-12-22" + "percentile": 0.06595, + "date": "2025-12-29" } ], "cwes": [ @@ -6324,8 +6469,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6377,8 +6522,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6614,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6522,8 +6667,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -6625,8 +6770,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6679,8 +6824,8 @@ { "cve": "CVE-2025-5278", "epss": 0.00018, - "percentile": 0.03938, - "date": "2025-12-22" + "percentile": 0.03986, + "date": "2025-12-29" } ], "cwes": [ @@ -6782,8 +6927,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6848,8 +6993,8 @@ { "cve": "CVE-2023-30571", "epss": 0.00016, - "percentile": 0.0275, - "date": "2025-12-22" + "percentile": 0.02749, + "date": "2025-12-29" } ], "cwes": [ @@ -6946,8 +7091,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7008,8 +7153,8 @@ { "cve": "CVE-2025-5916", "epss": 0.00023, - "percentile": 0.05385, - "date": "2025-12-22" + "percentile": 0.05457, + "date": "2025-12-29" } ], "cwes": [ @@ -7100,8 +7245,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7148,8 +7293,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7245,8 +7390,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7293,8 +7438,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7390,8 +7535,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7438,8 +7583,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7535,8 +7680,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7583,8 +7728,8 @@ { "cve": "CVE-2025-14104", "epss": 0.00014, - "percentile": 0.01842, - "date": "2025-12-22" + "percentile": 0.01846, + "date": "2025-12-29" } ], "cwes": [ @@ -7680,8 +7825,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7741,8 +7886,8 @@ { "cve": "CVE-2025-30258", "epss": 0.00025, - "percentile": 0.06045, - "date": "2025-12-22" + "percentile": 0.06106, + "date": "2025-12-29" } ], "cwes": [ @@ -7833,8 +7978,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -7901,8 +8046,8 @@ { "cve": "CVE-2024-0232", "epss": 0.00018, - "percentile": 0.03788, - "date": "2025-12-22" + "percentile": 0.03819, + "date": "2025-12-29" } ], "cwes": [ @@ -8010,8 +8155,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8072,8 +8217,8 @@ { "cve": "CVE-2025-5918", "epss": 0.00019, - "percentile": 0.04157, - "date": "2025-12-22" + "percentile": 0.04221, + "date": "2025-12-29" } ], "cwes": [ @@ -8164,8 +8309,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8234,8 +8379,8 @@ { "cve": "CVE-2022-3219", "epss": 0.00013, - "percentile": 0.01634, - "date": "2025-12-22" + "percentile": 0.0163, + "date": "2025-12-29" } ], "cwes": [ @@ -8332,8 +8477,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8394,8 +8539,8 @@ { "cve": "CVE-2025-5917", "epss": 0.00019, - "percentile": 0.04404, - "date": "2025-12-22" + "percentile": 0.04464, + "date": "2025-12-29" } ], "cwes": [ @@ -8461,6 +8606,146 @@ } } }, + { + "vulnerability": { + "id": "CVE-2025-68972", + "dataSource": "https://access.redhat.com/security/cve/CVE-2025-68972", + "namespace": "redhat:distro:redhat:9", + "severity": "Medium", + "urls": [], + "description": "A flaw was found in GnuPG. An adversary can exploit this vulnerability by crafting a signed message that includes a form feed character (\\f) at the end of a plaintext line. This allows the adversary to append additional, unsigned text to the message while the signature verification still reports success. This issue leads to an integrity bypass, potentially enabling the spoofing of signed communications.", + "cvss": [ + { + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0049050000000000005 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2025-68972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-68972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://gpg.fail/formfeed", + "https://news.ycombinator.com/item?id=46404339" + ], + "description": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line.", + "cvss": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 1.5, + "impactScore": 4 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-68972", + "epss": 0.00009, + "percentile": 0.00626, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-68972", + "cwe": "CWE-347", + "source": "cve@mitre.org", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "rpm-matcher", + "searchedBy": { + "distro": { + "type": "redhat", + "version": "9.6" + }, + "package": { + "name": "gnupg2", + "version": "0:2.3.3-4.el9" + }, + "namespace": "redhat:distro:redhat:9" + }, + "found": { + "vulnerabilityID": "CVE-2025-68972", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "4796aaf427df0782", + "name": "gnupg2", + "version": "2.3.3-4.el9", + "type": "rpm", + "locations": [ + { + "path": "/var/lib/rpm/rpmdb.sqlite", + "layerID": "sha256:fccb81fb540d5b4e467b87b6d604c622913310c0660cbde4906373164f0362a6", + "accessPath": "/var/lib/rpm/rpmdb.sqlite", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [ + "GPLv3+" + ], + "cpes": [ + "cpe:2.3:a:gnupg2:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:gnupg2:2.3.3-4.el9:*:*:*:*:*:*:*" + ], + "purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9?arch=x86_64&distro=rhel-9.6&upstream=gnupg2-2.3.3-4.el9.src.rpm", + "upstreams": [], + "metadataType": "RpmMetadata", + "metadata": { + "epoch": null, + "modularityLabel": "" + } + } + }, { "vulnerability": { "id": "CVE-2025-6170", @@ -8486,8 +8771,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8547,8 +8832,8 @@ { "cve": "CVE-2025-6170", "epss": 0.00017, - "percentile": 0.03418, - "date": "2025-12-22" + "percentile": 0.03431, + "date": "2025-12-29" } ], "cwes": [ @@ -8972,87 +9257,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/agent/grype-25.9.5.md b/docs/security/agent/grype-25.9.5.md index c9eee5a..0bc053d 100644 --- a/docs/security/agent/grype-25.9.5.md +++ b/docs/security/agent/grype-25.9.5.md @@ -6,6 +6,7 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | | sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium | | systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium | @@ -15,9 +16,9 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium | -| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | fluent-bit | 25.10.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium | | glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium | +| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium | | coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium | @@ -26,13 +27,14 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | | libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium | | shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low | | openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low | -| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | -| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low | +| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | +| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low | | curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low | diff --git a/docs/security/agent/grype-latest.md b/docs/security/agent/grype-latest.md index 5c0fabd..7e137a4 100644 --- a/docs/security/agent/grype-latest.md +++ b/docs/security/agent/grype-latest.md @@ -1,6 +1,7 @@ ## Known agent vulnerabilities -High and critical vulnerabilities not triaged for the latest version (ghcr.io/fluentdo/agent:25.12.4) of the agent are shown below, as reported by Grype. +High and critical vulnerabilities not triaged for the latest version (ghcr.io/fluentdo/agent:25.12.5) of the agent are shown below, as reported by Grype. | Package | Version Installed | Vulnerability ID | Severity | | --- | --- | --- | --- | +| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High | diff --git a/docs/security/oss/grype-4.0.10.json b/docs/security/oss/grype-4.0.10.json index 62ae5c8..852d67c 100644 --- a/docs/security/oss/grype-4.0.10.json +++ b/docs/security/oss/grype-4.0.10.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -850,8 +850,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -910,8 +910,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1005,8 +1005,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1059,8 +1059,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1148,8 +1148,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1192,8 +1192,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1273,8 +1273,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1320,8 +1320,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1396,8 +1396,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1458,8 +1458,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1530,8 +1530,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1590,8 +1590,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1675,8 +1675,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1735,8 +1735,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1811,8 +1811,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1871,8 +1871,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1952,8 +1952,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2012,8 +2012,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2101,8 +2101,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -2177,8 +2177,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -2283,8 +2283,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -2537,8 +2537,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2600,8 +2600,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2695,8 +2695,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -2762,8 +2762,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -2862,8 +2862,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -2904,8 +2904,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -2972,8 +2972,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -3024,8 +3024,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -3132,8 +3132,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -3199,8 +3199,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -3312,8 +3312,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3359,8 +3359,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3422,6 +3422,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:b4a39b70e964ebebbece567bb17d6f8248c6267b5bda8c42de06b7037fa560b5", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.10:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.10" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "c8c4e760545d2696", + "name": "fluent-bit", + "version": "4.0.10", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:6cd17e1289b73b928c1b35654d340f2f95800110b8da1e27f3c38c3fd8da87ff", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.10:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.10", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -3435,8 +3654,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3500,8 +3719,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3585,8 +3804,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3633,8 +3852,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3718,8 +3937,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3766,8 +3985,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3842,8 +4061,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3890,8 +4109,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3971,8 +4190,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4019,8 +4238,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4095,8 +4314,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -4152,8 +4371,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -4215,225 +4434,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.10:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.10" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "c8c4e760545d2696", - "name": "fluent-bit", - "version": "4.0.10", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:6cd17e1289b73b928c1b35654d340f2f95800110b8da1e27f3c38c3fd8da87ff", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.10:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.10", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:b4a39b70e964ebebbece567bb17d6f8248c6267b5bda8c42de06b7037fa560b5", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2019-1010022", @@ -4447,8 +4447,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4509,8 +4509,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4604,8 +4604,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4671,8 +4671,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4753,8 +4753,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4820,8 +4820,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4898,8 +4898,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -4958,8 +4958,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -5043,8 +5043,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5093,8 +5093,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5169,8 +5169,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5219,8 +5219,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5291,8 +5291,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5341,8 +5341,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5417,8 +5417,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5467,8 +5467,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5539,8 +5539,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5587,8 +5587,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5672,8 +5672,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5720,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5796,8 +5796,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5844,8 +5844,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5925,8 +5925,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5973,8 +5973,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6049,8 +6049,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6116,8 +6116,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6198,8 +6198,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6265,8 +6265,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6343,8 +6343,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6404,8 +6404,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6512,8 +6512,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6573,8 +6573,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6649,8 +6649,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6710,8 +6710,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6814,8 +6814,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6875,8 +6875,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6974,8 +6974,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7035,8 +7035,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7134,8 +7134,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -7182,8 +7182,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -7279,8 +7279,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -7321,8 +7321,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7762,87 +7762,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.10.md b/docs/security/oss/grype-4.0.10.md index 33919c6..ad362a6 100644 --- a/docs/security/oss/grype-4.0.10.md +++ b/docs/security/oss/grype-4.0.10.md @@ -29,13 +29,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u14 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.11.json b/docs/security/oss/grype-4.0.11.json index db03f17..8ac7c2f 100644 --- a/docs/security/oss/grype-4.0.11.json +++ b/docs/security/oss/grype-4.0.11.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -850,8 +850,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -910,8 +910,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1005,8 +1005,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1059,8 +1059,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1148,8 +1148,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1192,8 +1192,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1273,8 +1273,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1320,8 +1320,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1396,8 +1396,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1458,8 +1458,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1530,8 +1530,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1590,8 +1590,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1675,8 +1675,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1735,8 +1735,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1811,8 +1811,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1871,8 +1871,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1952,8 +1952,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2012,8 +2012,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2101,8 +2101,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -2177,8 +2177,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -2283,8 +2283,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2347,8 +2347,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2457,8 +2457,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -2537,8 +2537,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2600,8 +2600,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2695,8 +2695,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -2762,8 +2762,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -2862,8 +2862,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -2904,8 +2904,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -2972,8 +2972,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -3024,8 +3024,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -3132,8 +3132,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -3199,8 +3199,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -3312,8 +3312,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3359,8 +3359,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3422,6 +3422,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:43789fe97f5566d641028c0fae496e6c7e5e76709b6cf6b2a7768453a3915cfb", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.11:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.11" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "86591243b4277610", + "name": "fluent-bit", + "version": "4.0.11", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:df68301c9d83f18ff9a258bbf882ee83e959ab0d557bef9ab914824bebd89327", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.11:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.11", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -3435,8 +3654,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3500,8 +3719,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3585,8 +3804,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3633,8 +3852,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3718,8 +3937,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3766,8 +3985,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3842,8 +4061,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3890,8 +4109,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3971,8 +4190,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4019,8 +4238,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4095,8 +4314,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -4152,8 +4371,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -4215,225 +4434,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.11:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.11" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "86591243b4277610", - "name": "fluent-bit", - "version": "4.0.11", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:df68301c9d83f18ff9a258bbf882ee83e959ab0d557bef9ab914824bebd89327", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.11:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.11", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:43789fe97f5566d641028c0fae496e6c7e5e76709b6cf6b2a7768453a3915cfb", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2019-1010022", @@ -4447,8 +4447,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4509,8 +4509,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4604,8 +4604,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4671,8 +4671,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4753,8 +4753,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4820,8 +4820,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4898,8 +4898,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -4958,8 +4958,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -5043,8 +5043,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5093,8 +5093,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5169,8 +5169,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5219,8 +5219,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5291,8 +5291,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5341,8 +5341,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5417,8 +5417,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5467,8 +5467,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5539,8 +5539,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5587,8 +5587,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5672,8 +5672,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5720,8 +5720,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5796,8 +5796,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5844,8 +5844,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5925,8 +5925,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5973,8 +5973,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6049,8 +6049,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6116,8 +6116,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6198,8 +6198,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6265,8 +6265,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6343,8 +6343,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6404,8 +6404,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6512,8 +6512,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6573,8 +6573,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6649,8 +6649,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6710,8 +6710,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6814,8 +6814,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6875,8 +6875,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6974,8 +6974,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7035,8 +7035,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7134,8 +7134,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -7182,8 +7182,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -7279,8 +7279,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -7321,8 +7321,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7762,87 +7762,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.11.md b/docs/security/oss/grype-4.0.11.md index 8f0f8b8..20674f2 100644 --- a/docs/security/oss/grype-4.0.11.md +++ b/docs/security/oss/grype-4.0.11.md @@ -29,13 +29,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u14 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.12.json b/docs/security/oss/grype-4.0.12.json index f2443b7..a9be269 100644 --- a/docs/security/oss/grype-4.0.12.json +++ b/docs/security/oss/grype-4.0.12.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -850,8 +850,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -910,8 +910,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1005,8 +1005,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1059,8 +1059,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1148,8 +1148,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1192,8 +1192,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1273,8 +1273,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1320,8 +1320,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1396,8 +1396,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1458,8 +1458,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1530,8 +1530,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1590,8 +1590,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1675,8 +1675,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1735,8 +1735,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1811,8 +1811,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1871,8 +1871,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1952,8 +1952,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2012,8 +2012,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2088,8 +2088,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2152,8 +2152,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2262,8 +2262,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -2342,8 +2342,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2405,8 +2405,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2500,8 +2500,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -2567,8 +2567,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -2667,8 +2667,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -2709,8 +2709,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -2777,8 +2777,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -2984,8 +2984,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3047,6 +3047,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:417b18e12362eb08bbee953a1a4ffe7152162c98178006fd3274e3a6e11d36df", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.12:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.12" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "4ceb084b73b77402", + "name": "fluent-bit", + "version": "4.0.12", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:d273ade3b28aaafa210ca38f26be2a1b7bc2ad4647c7702b90db2405b9755bb9", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.12:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.12", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -3060,8 +3279,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3125,8 +3344,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3210,8 +3429,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3258,8 +3477,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3343,8 +3562,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3391,8 +3610,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3467,8 +3686,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3515,8 +3734,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3815,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3644,8 +3863,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3720,8 +3939,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -3777,8 +3996,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -3840,225 +4059,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.12:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.12" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "4ceb084b73b77402", - "name": "fluent-bit", - "version": "4.0.12", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:d273ade3b28aaafa210ca38f26be2a1b7bc2ad4647c7702b90db2405b9755bb9", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.12:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.12", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:417b18e12362eb08bbee953a1a4ffe7152162c98178006fd3274e3a6e11d36df", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2019-1010022", @@ -4072,8 +4072,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4134,8 +4134,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4229,8 +4229,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4296,8 +4296,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4378,8 +4378,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4445,8 +4445,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4523,8 +4523,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -4583,8 +4583,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -4668,8 +4668,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4718,8 +4718,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4794,8 +4794,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4844,8 +4844,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4916,8 +4916,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -4966,8 +4966,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5042,8 +5042,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5092,8 +5092,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5164,8 +5164,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5212,8 +5212,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5297,8 +5297,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5345,8 +5345,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5421,8 +5421,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5469,8 +5469,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5550,8 +5550,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5598,8 +5598,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5674,8 +5674,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5741,8 +5741,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5823,8 +5823,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5890,8 +5890,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5968,8 +5968,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6029,8 +6029,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6137,8 +6137,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6198,8 +6198,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6274,8 +6274,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6335,8 +6335,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6439,8 +6439,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6500,8 +6500,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6599,8 +6599,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6660,8 +6660,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6759,8 +6759,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -6807,8 +6807,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -6904,8 +6904,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6946,8 +6946,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7387,87 +7387,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.12.md b/docs/security/oss/grype-4.0.12.md index 238fc8f..4dfbd40 100644 --- a/docs/security/oss/grype-4.0.12.md +++ b/docs/security/oss/grype-4.0.12.md @@ -27,13 +27,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u14 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.13.json b/docs/security/oss/grype-4.0.13.json index 3d464da..01876ba 100644 --- a/docs/security/oss/grype-4.0.13.json +++ b/docs/security/oss/grype-4.0.13.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -850,8 +850,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -910,8 +910,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1005,8 +1005,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1059,8 +1059,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1148,8 +1148,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1192,8 +1192,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1273,8 +1273,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1320,8 +1320,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1396,8 +1396,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1458,8 +1458,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1530,8 +1530,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1590,8 +1590,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1675,8 +1675,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1735,8 +1735,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1811,8 +1811,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1871,8 +1871,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -1952,8 +1952,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2012,8 +2012,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2088,8 +2088,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2152,8 +2152,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2262,8 +2262,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -2342,8 +2342,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2405,8 +2405,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -2500,8 +2500,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -2567,8 +2567,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -2667,8 +2667,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -2709,8 +2709,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -2777,8 +2777,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -2937,8 +2937,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -2984,8 +2984,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3047,6 +3047,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:c37bf7ef1af500ef329b6439c3d13f6008d5779df3433d8994325e53bb39b551", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.13:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.13" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "5c9ed42943eb96f5", + "name": "fluent-bit", + "version": "4.0.13", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:f9725a4843d8177ab79ad0290db93000cfd21f404e0950ca2df8f77bc8a8e398", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.13:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.13", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -3060,8 +3279,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3125,8 +3344,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -3210,8 +3429,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3258,8 +3477,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3343,8 +3562,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3391,8 +3610,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3467,8 +3686,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3515,8 +3734,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3596,8 +3815,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3644,8 +3863,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -3720,8 +3939,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -3777,8 +3996,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -3840,225 +4059,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.13:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.13" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "5c9ed42943eb96f5", - "name": "fluent-bit", - "version": "4.0.13", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:f9725a4843d8177ab79ad0290db93000cfd21f404e0950ca2df8f77bc8a8e398", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.13:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.13", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:c37bf7ef1af500ef329b6439c3d13f6008d5779df3433d8994325e53bb39b551", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2019-1010022", @@ -4072,8 +4072,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4134,8 +4134,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4229,8 +4229,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4296,8 +4296,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4378,8 +4378,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4445,8 +4445,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -4523,8 +4523,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -4583,8 +4583,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -4668,8 +4668,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4718,8 +4718,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4794,8 +4794,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4844,8 +4844,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -4916,8 +4916,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -4966,8 +4966,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5042,8 +5042,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5092,8 +5092,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5164,8 +5164,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5212,8 +5212,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5297,8 +5297,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5345,8 +5345,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5421,8 +5421,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5469,8 +5469,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5550,8 +5550,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5598,8 +5598,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -5674,8 +5674,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5741,8 +5741,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5823,8 +5823,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5890,8 +5890,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -5968,8 +5968,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6029,8 +6029,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6137,8 +6137,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6198,8 +6198,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6274,8 +6274,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6335,8 +6335,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6439,8 +6439,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6500,8 +6500,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6599,8 +6599,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6660,8 +6660,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6759,8 +6759,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -6807,8 +6807,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -6904,8 +6904,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -6946,8 +6946,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -7387,87 +7387,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.13.md b/docs/security/oss/grype-4.0.13.md index b8aec7a..5559fd4 100644 --- a/docs/security/oss/grype-4.0.13.md +++ b/docs/security/oss/grype-4.0.13.md @@ -27,13 +27,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u14 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.3.json b/docs/security/oss/grype-4.0.3.json index affa27d..1cbb3f8 100644 --- a/docs/security/oss/grype-4.0.3.json +++ b/docs/security/oss/grype-4.0.3.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -557,8 +557,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -641,8 +641,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -733,8 +733,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -817,8 +817,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -896,8 +896,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -959,8 +959,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -1054,8 +1054,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -1117,8 +1117,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -1215,8 +1215,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -1271,8 +1271,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -1363,8 +1363,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -1435,8 +1435,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -1514,8 +1514,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1574,8 +1574,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1669,8 +1669,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1723,8 +1723,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1812,8 +1812,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -1882,8 +1882,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -1974,8 +1974,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -2018,8 +2018,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -2099,8 +2099,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -2146,8 +2146,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -2222,8 +2222,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -2284,8 +2284,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -2369,8 +2369,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2439,8 +2439,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2540,8 +2540,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2610,8 +2610,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2702,8 +2702,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2772,8 +2772,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2869,8 +2869,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2939,8 +2939,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -3031,8 +3031,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -3087,8 +3087,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -3166,8 +3166,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3226,8 +3226,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3311,8 +3311,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3371,8 +3371,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3447,8 +3447,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3507,8 +3507,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3588,8 +3588,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3648,8 +3648,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3737,8 +3737,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3813,8 +3813,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3919,8 +3919,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3983,8 +3983,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -4093,8 +4093,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4173,8 +4173,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -4236,8 +4236,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -4344,8 +4344,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -4400,8 +4400,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -4479,8 +4479,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -4546,8 +4546,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -4646,8 +4646,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4688,8 +4688,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4756,8 +4756,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4808,8 +4808,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4916,8 +4916,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4983,8 +4983,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5096,8 +5096,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -5143,8 +5143,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -5206,6 +5206,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:52e55bb5fc324478ddc62ebaec39a618e9b33d61041b37b718f41563baaaee59", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.3:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.3" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "4a91e02ef47904f6", + "name": "fluent-bit", + "version": "4.0.3", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:898af578770d19ceb6c408bc72724ec61e690dfa18e56dea99bcd77e549296fe", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.3:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.3", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -5219,8 +5438,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -5284,8 +5503,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -5369,8 +5588,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5417,8 +5636,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5502,8 +5721,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5550,8 +5769,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5626,8 +5845,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5674,8 +5893,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5755,8 +5974,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5803,8 +6022,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5879,8 +6098,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5936,8 +6155,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5999,225 +6218,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.3:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.3" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "4a91e02ef47904f6", - "name": "fluent-bit", - "version": "4.0.3", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:898af578770d19ceb6c408bc72724ec61e690dfa18e56dea99bcd77e549296fe", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.3:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.3", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:52e55bb5fc324478ddc62ebaec39a618e9b33d61041b37b718f41563baaaee59", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -6242,8 +6242,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -6298,8 +6298,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -6409,8 +6409,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6469,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -6567,8 +6567,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6629,8 +6629,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6724,8 +6724,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6791,8 +6791,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6873,8 +6873,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6940,8 +6940,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -7018,8 +7018,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -7078,8 +7078,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -7163,8 +7163,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7213,8 +7213,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7289,8 +7289,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7339,8 +7339,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7411,8 +7411,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7461,8 +7461,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7537,8 +7537,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7587,8 +7587,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7659,8 +7659,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7792,8 +7792,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7840,8 +7840,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7916,8 +7916,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7964,8 +7964,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -8045,8 +8045,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -8093,8 +8093,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -8169,8 +8169,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8236,8 +8236,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8318,8 +8318,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8385,8 +8385,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8463,8 +8463,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8524,8 +8524,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8632,8 +8632,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8693,8 +8693,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8769,8 +8769,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8830,8 +8830,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8934,8 +8934,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,8 +8995,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -9094,8 +9094,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -9155,8 +9155,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -9254,8 +9254,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -9302,8 +9302,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -9399,8 +9399,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -9441,8 +9441,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9877,87 +9877,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.3.md b/docs/security/oss/grype-4.0.3.md index 294f1b1..bf60f40 100644 --- a/docs/security/oss/grype-4.0.3.md +++ b/docs/security/oss/grype-4.0.3.md @@ -42,13 +42,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.22-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.22-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.4.json b/docs/security/oss/grype-4.0.4.json index 4d98fe9..3134477 100644 --- a/docs/security/oss/grype-4.0.4.json +++ b/docs/security/oss/grype-4.0.4.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -557,8 +557,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -641,8 +641,8 @@ { "cve": "CVE-2025-32990", "epss": 0.00155, - "percentile": 0.3685, - "date": "2025-12-22" + "percentile": 0.36794, + "date": "2025-12-29" } ], "cwes": [ @@ -733,8 +733,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -817,8 +817,8 @@ { "cve": "CVE-2025-32988", "epss": 0.00117, - "percentile": 0.31252, - "date": "2025-12-22" + "percentile": 0.31178, + "date": "2025-12-29" } ], "cwes": [ @@ -896,8 +896,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -959,8 +959,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -1054,8 +1054,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -1117,8 +1117,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -1215,8 +1215,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -1271,8 +1271,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -1363,8 +1363,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -1435,8 +1435,8 @@ { "cve": "CVE-2025-6395", "epss": 0.00084, - "percentile": 0.24956, - "date": "2025-12-22" + "percentile": 0.2484, + "date": "2025-12-29" } ], "cwes": [ @@ -1514,8 +1514,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1574,8 +1574,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1669,8 +1669,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1723,8 +1723,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1812,8 +1812,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -1882,8 +1882,8 @@ { "cve": "CVE-2025-32989", "epss": 0.00086, - "percentile": 0.25305, - "date": "2025-12-22" + "percentile": 0.25191, + "date": "2025-12-29" } ], "cwes": [ @@ -1974,8 +1974,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -2018,8 +2018,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -2099,8 +2099,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -2146,8 +2146,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -2222,8 +2222,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -2284,8 +2284,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -2369,8 +2369,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2439,8 +2439,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2540,8 +2540,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2610,8 +2610,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2702,8 +2702,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2772,8 +2772,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2869,8 +2869,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2939,8 +2939,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -3031,8 +3031,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -3087,8 +3087,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -3166,8 +3166,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3226,8 +3226,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3311,8 +3311,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3371,8 +3371,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3447,8 +3447,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3507,8 +3507,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3588,8 +3588,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3648,8 +3648,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3737,8 +3737,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3813,8 +3813,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3919,8 +3919,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3983,8 +3983,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -4093,8 +4093,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -4173,8 +4173,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -4236,8 +4236,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -4344,8 +4344,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -4400,8 +4400,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -4479,8 +4479,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -4546,8 +4546,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -4646,8 +4646,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4688,8 +4688,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4756,8 +4756,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4808,8 +4808,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4916,8 +4916,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4983,8 +4983,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -5096,8 +5096,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -5143,8 +5143,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -5206,6 +5206,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:1c3c5b9e02f8172ebd6cb9474721807064773a5f70d3d21a8b3ddf6dc45985d2", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.4:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.4" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "b2a47700449dfa91", + "name": "fluent-bit", + "version": "4.0.4", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:5bf46ecf63e66e9acb5c21a721d986d2d672d90d4e7f3c6020d296f85803ef81", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.4:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.4", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -5219,8 +5438,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -5284,8 +5503,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -5369,8 +5588,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5417,8 +5636,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5502,8 +5721,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5550,8 +5769,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5626,8 +5845,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5674,8 +5893,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5755,8 +5974,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5803,8 +6022,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5879,8 +6098,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5936,8 +6155,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5999,225 +6218,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.4:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.4" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "b2a47700449dfa91", - "name": "fluent-bit", - "version": "4.0.4", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:5bf46ecf63e66e9acb5c21a721d986d2d672d90d4e7f3c6020d296f85803ef81", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.4:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.4", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:1c3c5b9e02f8172ebd6cb9474721807064773a5f70d3d21a8b3ddf6dc45985d2", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -6242,8 +6242,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -6298,8 +6298,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -6409,8 +6409,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -6469,8 +6469,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -6567,8 +6567,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6629,8 +6629,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6724,8 +6724,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6791,8 +6791,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6873,8 +6873,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6940,8 +6940,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -7018,8 +7018,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -7078,8 +7078,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -7163,8 +7163,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7213,8 +7213,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7289,8 +7289,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7339,8 +7339,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -7411,8 +7411,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7461,8 +7461,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7537,8 +7537,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7587,8 +7587,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -7659,8 +7659,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7792,8 +7792,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7840,8 +7840,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7916,8 +7916,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7964,8 +7964,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -8045,8 +8045,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -8093,8 +8093,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -8169,8 +8169,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8236,8 +8236,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8318,8 +8318,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8385,8 +8385,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -8463,8 +8463,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8524,8 +8524,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8632,8 +8632,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8693,8 +8693,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8769,8 +8769,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8830,8 +8830,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8934,8 +8934,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8995,8 +8995,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -9094,8 +9094,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -9155,8 +9155,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -9254,8 +9254,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -9302,8 +9302,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -9399,8 +9399,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -9441,8 +9441,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9877,87 +9877,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.4.md b/docs/security/oss/grype-4.0.4.md index 59e51e9..ad12b33 100644 --- a/docs/security/oss/grype-4.0.4.md +++ b/docs/security/oss/grype-4.0.4.md @@ -42,13 +42,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.5.json b/docs/security/oss/grype-4.0.5.json index ba1cb9a..a26251b 100644 --- a/docs/security/oss/grype-4.0.5.json +++ b/docs/security/oss/grype-4.0.5.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -863,8 +863,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -919,8 +919,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -998,8 +998,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1058,8 +1058,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1153,8 +1153,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1207,8 +1207,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1296,8 +1296,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1340,8 +1340,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1421,8 +1421,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1468,8 +1468,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1544,8 +1544,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1606,8 +1606,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1691,8 +1691,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1761,8 +1761,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1862,8 +1862,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1932,8 +1932,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2024,8 +2024,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2094,8 +2094,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2191,8 +2191,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2261,8 +2261,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2409,8 +2409,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2488,8 +2488,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2548,8 +2548,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2633,8 +2633,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2693,8 +2693,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2769,8 +2769,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2910,8 +2910,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2970,8 +2970,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3059,8 +3059,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3135,8 +3135,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3241,8 +3241,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3305,8 +3305,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3415,8 +3415,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -3495,8 +3495,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3558,8 +3558,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3666,8 +3666,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3722,8 +3722,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3801,8 +3801,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -3868,8 +3868,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -3968,8 +3968,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4010,8 +4010,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4078,8 +4078,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4130,8 +4130,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4238,8 +4238,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4305,8 +4305,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4418,8 +4418,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4465,8 +4465,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4528,6 +4528,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:2c48143b46c0c37e19b24b81b44f4c3620784ae714155891d332b1b1a59c8ca8", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.5:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.5" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "0b4dc2620c0fb58e", + "name": "fluent-bit", + "version": "4.0.5", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:1ae57ae677bae63479d9a00d7d3a0400e1a361f66b1afb20f917df29c042a77f", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.5:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.5", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -4541,8 +4760,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4606,8 +4825,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4691,8 +4910,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4739,8 +4958,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4824,8 +5043,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4872,8 +5091,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,8 +5167,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4996,8 +5215,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5077,8 +5296,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5125,8 +5344,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5201,8 +5420,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5258,8 +5477,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5321,225 +5540,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.5:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.5" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "0b4dc2620c0fb58e", - "name": "fluent-bit", - "version": "4.0.5", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:1ae57ae677bae63479d9a00d7d3a0400e1a361f66b1afb20f917df29c042a77f", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.5:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.5", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:2c48143b46c0c37e19b24b81b44f4c3620784ae714155891d332b1b1a59c8ca8", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -5564,8 +5564,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5620,8 +5620,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5731,8 +5731,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5791,8 +5791,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5889,8 +5889,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -5951,8 +5951,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6046,8 +6046,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6113,8 +6113,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6195,8 +6195,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6262,8 +6262,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6340,8 +6340,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6400,8 +6400,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6485,8 +6485,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6535,8 +6535,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6611,8 +6611,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6661,8 +6661,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6733,8 +6733,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6783,8 +6783,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6859,8 +6859,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +6909,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6981,8 +6981,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7029,8 +7029,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7114,8 +7114,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7162,8 +7162,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7238,8 +7238,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7286,8 +7286,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7367,8 +7367,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7415,8 +7415,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7491,8 +7491,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7558,8 +7558,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7640,8 +7640,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7785,8 +7785,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7846,8 +7846,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7954,8 +7954,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8015,8 +8015,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8091,8 +8091,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8152,8 +8152,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8256,8 +8256,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8317,8 +8317,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8416,8 +8416,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8477,8 +8477,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8576,8 +8576,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8624,8 +8624,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8721,8 +8721,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8763,8 +8763,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9199,87 +9199,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.5.md b/docs/security/oss/grype-4.0.5.md index 53ba6c5..ab1d7b4 100644 --- a/docs/security/oss/grype-4.0.5.md +++ b/docs/security/oss/grype-4.0.5.md @@ -38,13 +38,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.6.json b/docs/security/oss/grype-4.0.6.json index fed3deb..b95e08b 100644 --- a/docs/security/oss/grype-4.0.6.json +++ b/docs/security/oss/grype-4.0.6.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -863,8 +863,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -919,8 +919,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -998,8 +998,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1058,8 +1058,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1153,8 +1153,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1207,8 +1207,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1296,8 +1296,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1340,8 +1340,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1421,8 +1421,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1468,8 +1468,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1544,8 +1544,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1606,8 +1606,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1691,8 +1691,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1761,8 +1761,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1862,8 +1862,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1932,8 +1932,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2024,8 +2024,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2094,8 +2094,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2191,8 +2191,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2261,8 +2261,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2409,8 +2409,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2488,8 +2488,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2548,8 +2548,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2633,8 +2633,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2693,8 +2693,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2769,8 +2769,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2910,8 +2910,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2970,8 +2970,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3059,8 +3059,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3135,8 +3135,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3241,8 +3241,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3305,8 +3305,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3415,8 +3415,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -3495,8 +3495,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3558,8 +3558,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3666,8 +3666,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3722,8 +3722,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3801,8 +3801,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -3868,8 +3868,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -3968,8 +3968,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4010,8 +4010,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4078,8 +4078,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4130,8 +4130,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4238,8 +4238,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4305,8 +4305,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4418,8 +4418,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4465,8 +4465,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4528,6 +4528,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:c50e2491877490906be6ab542e8699363b77483314e53074ead89a6c34f9dc7d", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.6:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.6" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "3707ded65fc1f95c", + "name": "fluent-bit", + "version": "4.0.6", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:a3268f0af6d8d4480ab48ddd5abe5b1c845bf5e06151729f6c902fb00a92a461", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.6:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.6", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -4541,8 +4760,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4606,8 +4825,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4691,8 +4910,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4739,8 +4958,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4824,8 +5043,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4872,8 +5091,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,8 +5167,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4996,8 +5215,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5077,8 +5296,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5125,8 +5344,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5201,8 +5420,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5258,8 +5477,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5321,225 +5540,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.6:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.6" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "3707ded65fc1f95c", - "name": "fluent-bit", - "version": "4.0.6", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:a3268f0af6d8d4480ab48ddd5abe5b1c845bf5e06151729f6c902fb00a92a461", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.6:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.6", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:c50e2491877490906be6ab542e8699363b77483314e53074ead89a6c34f9dc7d", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -5564,8 +5564,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5620,8 +5620,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5731,8 +5731,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5791,8 +5791,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5889,8 +5889,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -5951,8 +5951,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6046,8 +6046,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6113,8 +6113,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6195,8 +6195,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6262,8 +6262,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6340,8 +6340,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6400,8 +6400,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6485,8 +6485,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6535,8 +6535,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6611,8 +6611,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6661,8 +6661,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6733,8 +6733,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6783,8 +6783,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6859,8 +6859,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +6909,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6981,8 +6981,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7029,8 +7029,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7114,8 +7114,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7162,8 +7162,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7238,8 +7238,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7286,8 +7286,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7367,8 +7367,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7415,8 +7415,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7491,8 +7491,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7558,8 +7558,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7640,8 +7640,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7785,8 +7785,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7846,8 +7846,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7954,8 +7954,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8015,8 +8015,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8091,8 +8091,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8152,8 +8152,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8256,8 +8256,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8317,8 +8317,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8416,8 +8416,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8477,8 +8477,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8576,8 +8576,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8624,8 +8624,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8721,8 +8721,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8763,8 +8763,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9199,87 +9199,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.6.md b/docs/security/oss/grype-4.0.6.md index 5c5b98b..e75946a 100644 --- a/docs/security/oss/grype-4.0.6.md +++ b/docs/security/oss/grype-4.0.6.md @@ -38,13 +38,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.7.json b/docs/security/oss/grype-4.0.7.json index 65a2057..1301b78 100644 --- a/docs/security/oss/grype-4.0.7.json +++ b/docs/security/oss/grype-4.0.7.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -863,8 +863,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -919,8 +919,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -998,8 +998,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1058,8 +1058,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1153,8 +1153,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1207,8 +1207,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1296,8 +1296,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1340,8 +1340,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1421,8 +1421,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1468,8 +1468,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1544,8 +1544,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1606,8 +1606,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1691,8 +1691,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1761,8 +1761,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1862,8 +1862,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1932,8 +1932,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2024,8 +2024,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2094,8 +2094,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2191,8 +2191,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2261,8 +2261,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2409,8 +2409,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2488,8 +2488,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2548,8 +2548,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2633,8 +2633,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2693,8 +2693,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2769,8 +2769,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2910,8 +2910,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2970,8 +2970,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3059,8 +3059,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3135,8 +3135,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3241,8 +3241,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3305,8 +3305,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3415,8 +3415,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -3495,8 +3495,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3558,8 +3558,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3666,8 +3666,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3722,8 +3722,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3801,8 +3801,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -3868,8 +3868,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -3968,8 +3968,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4010,8 +4010,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4078,8 +4078,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4130,8 +4130,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4238,8 +4238,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4305,8 +4305,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4418,8 +4418,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4465,8 +4465,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4528,6 +4528,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:e6f08f1f30bd6689a69c11717623bb6741c1e1ed323e4868b90b6a1d49eda610", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.7:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.7" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "5a345cde88029be1", + "name": "fluent-bit", + "version": "4.0.7", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:0e82ed369a721e840489041960007d230a287f85f19760992218dbdd10cc076a", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.7:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.7", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -4541,8 +4760,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4606,8 +4825,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4691,8 +4910,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4739,8 +4958,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4824,8 +5043,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4872,8 +5091,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,8 +5167,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4996,8 +5215,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5077,8 +5296,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5125,8 +5344,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5201,8 +5420,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5258,8 +5477,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5321,225 +5540,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.7:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.7" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "5a345cde88029be1", - "name": "fluent-bit", - "version": "4.0.7", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:0e82ed369a721e840489041960007d230a287f85f19760992218dbdd10cc076a", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.7:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.7", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:e6f08f1f30bd6689a69c11717623bb6741c1e1ed323e4868b90b6a1d49eda610", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -5564,8 +5564,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5620,8 +5620,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5731,8 +5731,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5791,8 +5791,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5889,8 +5889,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -5951,8 +5951,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6046,8 +6046,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6113,8 +6113,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6195,8 +6195,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6262,8 +6262,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6340,8 +6340,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6400,8 +6400,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6485,8 +6485,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6535,8 +6535,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6611,8 +6611,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6661,8 +6661,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6733,8 +6733,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6783,8 +6783,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6859,8 +6859,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +6909,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6981,8 +6981,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7029,8 +7029,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7114,8 +7114,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7162,8 +7162,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7238,8 +7238,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7286,8 +7286,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7367,8 +7367,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7415,8 +7415,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7491,8 +7491,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7558,8 +7558,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7640,8 +7640,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7785,8 +7785,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7846,8 +7846,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7954,8 +7954,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8015,8 +8015,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8091,8 +8091,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8152,8 +8152,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8256,8 +8256,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8317,8 +8317,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8416,8 +8416,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8477,8 +8477,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8576,8 +8576,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8624,8 +8624,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8721,8 +8721,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8763,8 +8763,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9204,87 +9204,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.7.md b/docs/security/oss/grype-4.0.7.md index aa5cf1b..c7ed18e 100644 --- a/docs/security/oss/grype-4.0.7.md +++ b/docs/security/oss/grype-4.0.7.md @@ -38,13 +38,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.8.json b/docs/security/oss/grype-4.0.8.json index d1d6122..99f9c47 100644 --- a/docs/security/oss/grype-4.0.8.json +++ b/docs/security/oss/grype-4.0.8.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -863,8 +863,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -919,8 +919,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -998,8 +998,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1058,8 +1058,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1153,8 +1153,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1207,8 +1207,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1296,8 +1296,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1340,8 +1340,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1421,8 +1421,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1468,8 +1468,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1544,8 +1544,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1606,8 +1606,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1691,8 +1691,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1761,8 +1761,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1862,8 +1862,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1932,8 +1932,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2024,8 +2024,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2094,8 +2094,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2191,8 +2191,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2261,8 +2261,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2409,8 +2409,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2488,8 +2488,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2548,8 +2548,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2633,8 +2633,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2693,8 +2693,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2769,8 +2769,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2910,8 +2910,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2970,8 +2970,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3059,8 +3059,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3135,8 +3135,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3241,8 +3241,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3305,8 +3305,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3415,8 +3415,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -3495,8 +3495,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3558,8 +3558,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3666,8 +3666,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3722,8 +3722,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3801,8 +3801,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -3868,8 +3868,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -3968,8 +3968,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4010,8 +4010,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4078,8 +4078,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4130,8 +4130,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4238,8 +4238,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4305,8 +4305,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4418,8 +4418,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4465,8 +4465,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4528,6 +4528,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:d14e017542c6367905f426ac3c8499aaf190db45bba7a74ae4d62115bfe67064", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.8:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.8" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "8aa851c632adf094", + "name": "fluent-bit", + "version": "4.0.8", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:fb1d570c99714a4b9848ea5b9b9d3ac523dcc9f624b04e433b9247363f2aa092", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.8:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.8", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -4541,8 +4760,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4606,8 +4825,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4691,8 +4910,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4739,8 +4958,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4824,8 +5043,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4872,8 +5091,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,8 +5167,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4996,8 +5215,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5077,8 +5296,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5125,8 +5344,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5201,8 +5420,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5258,8 +5477,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5321,225 +5540,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.8:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.8" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "8aa851c632adf094", - "name": "fluent-bit", - "version": "4.0.8", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:fb1d570c99714a4b9848ea5b9b9d3ac523dcc9f624b04e433b9247363f2aa092", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.8:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.8", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:d14e017542c6367905f426ac3c8499aaf190db45bba7a74ae4d62115bfe67064", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -5564,8 +5564,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5620,8 +5620,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5731,8 +5731,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5791,8 +5791,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5889,8 +5889,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -5951,8 +5951,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6046,8 +6046,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6113,8 +6113,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6195,8 +6195,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6262,8 +6262,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6340,8 +6340,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6400,8 +6400,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6485,8 +6485,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6535,8 +6535,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6611,8 +6611,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6661,8 +6661,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6733,8 +6733,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6783,8 +6783,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6859,8 +6859,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +6909,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6981,8 +6981,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7029,8 +7029,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7114,8 +7114,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7162,8 +7162,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7238,8 +7238,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7286,8 +7286,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7367,8 +7367,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7415,8 +7415,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7491,8 +7491,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7558,8 +7558,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7640,8 +7640,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7785,8 +7785,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7846,8 +7846,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7954,8 +7954,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8015,8 +8015,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8091,8 +8091,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8152,8 +8152,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8256,8 +8256,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8317,8 +8317,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8416,8 +8416,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8477,8 +8477,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8576,8 +8576,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8624,8 +8624,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8721,8 +8721,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8763,8 +8763,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9204,87 +9204,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.8.md b/docs/security/oss/grype-4.0.8.md index a040eb6..816715b 100644 --- a/docs/security/oss/grype-4.0.8.md +++ b/docs/security/oss/grype-4.0.8.md @@ -38,13 +38,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.0.9.json b/docs/security/oss/grype-4.0.9.json index a3ccf62..9d791e3 100644 --- a/docs/security/oss/grype-4.0.9.json +++ b/docs/security/oss/grype-4.0.9.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -544,8 +544,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -607,8 +607,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -702,8 +702,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -765,8 +765,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -863,8 +863,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -919,8 +919,8 @@ { "cve": "CVE-2025-8715", "epss": 0.00072, - "percentile": 0.22309, - "date": "2025-12-22" + "percentile": 0.22324, + "date": "2025-12-29" } ], "cwes": [ @@ -998,8 +998,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1058,8 +1058,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1153,8 +1153,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1207,8 +1207,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1296,8 +1296,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1340,8 +1340,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1421,8 +1421,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1468,8 +1468,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1544,8 +1544,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1606,8 +1606,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1691,8 +1691,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1761,8 +1761,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1862,8 +1862,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -1932,8 +1932,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2024,8 +2024,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2094,8 +2094,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2191,8 +2191,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2261,8 +2261,8 @@ { "cve": "CVE-2025-3576", "epss": 0.00049, - "percentile": 0.15465, - "date": "2025-12-22" + "percentile": 0.15469, + "date": "2025-12-29" } ], "cwes": [ @@ -2353,8 +2353,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2409,8 +2409,8 @@ { "cve": "CVE-2025-8714", "epss": 0.00032, - "percentile": 0.08924, - "date": "2025-12-22" + "percentile": 0.08977, + "date": "2025-12-29" } ], "cwes": [ @@ -2488,8 +2488,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2548,8 +2548,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2633,8 +2633,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2693,8 +2693,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2769,8 +2769,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2829,8 +2829,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2910,8 +2910,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2970,8 +2970,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -3059,8 +3059,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3135,8 +3135,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -3241,8 +3241,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3305,8 +3305,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -3415,8 +3415,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -3495,8 +3495,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3558,8 +3558,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3666,8 +3666,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3722,8 +3722,8 @@ { "cve": "CVE-2025-8713", "epss": 0.00057, - "percentile": 0.17959, - "date": "2025-12-22" + "percentile": 0.1798, + "date": "2025-12-29" } ], "cwes": [ @@ -3801,8 +3801,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -3868,8 +3868,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -3968,8 +3968,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -4010,8 +4010,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -4078,8 +4078,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4130,8 +4130,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -4238,8 +4238,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4305,8 +4305,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -4418,8 +4418,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4465,8 +4465,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -4528,6 +4528,225 @@ ] } }, + { + "vulnerability": { + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0114 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" + ], + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", + "cvss": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "metrics": { + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:891dbdd591f164fd4e1660f7b72e82c3d995057109207f08bad18b217a16df88", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.9:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.0.9" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "7740feeb65a993d4", + "name": "fluent-bit", + "version": "4.0.9", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:35e26f33315606291ae1e137d2089e5dcdd8d337d1f37f18e0c254fc5fbf2721", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.0.9:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.0.9", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2020-15719", @@ -4541,8 +4760,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4606,8 +4825,8 @@ { "cve": "CVE-2020-15719", "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "percentile": 0.44109, + "date": "2025-12-29" } ], "cwes": [ @@ -4691,8 +4910,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4739,8 +4958,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4824,8 +5043,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4872,8 +5091,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4948,8 +5167,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4996,8 +5215,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5077,8 +5296,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5125,8 +5344,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -5201,8 +5420,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5258,8 +5477,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -5321,225 +5540,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.9:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.0.9" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "7740feeb65a993d4", - "name": "fluent-bit", - "version": "4.0.9", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:35e26f33315606291ae1e137d2089e5dcdd8d337d1f37f18e0c254fc5fbf2721", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.0.9:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.0.9", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:891dbdd591f164fd4e1660f7b72e82c3d995057109207f08bad18b217a16df88", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-8058", @@ -5564,8 +5564,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5620,8 +5620,8 @@ { "cve": "CVE-2025-8058", "epss": 0.00017, - "percentile": 0.03077, - "date": "2025-12-22" + "percentile": 0.0307, + "date": "2025-12-29" } ], "cwes": [ @@ -5731,8 +5731,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5791,8 +5791,8 @@ { "cve": "CVE-2025-4802", "epss": 0.00012, - "percentile": 0.01166, - "date": "2025-12-22" + "percentile": 0.01161, + "date": "2025-12-29" } ], "cwes": [ @@ -5889,8 +5889,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -5951,8 +5951,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -6046,8 +6046,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6113,8 +6113,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6195,8 +6195,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6262,8 +6262,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -6340,8 +6340,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6400,8 +6400,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -6485,8 +6485,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6535,8 +6535,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6611,8 +6611,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6661,8 +6661,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -6733,8 +6733,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6783,8 +6783,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6859,8 +6859,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6909,8 +6909,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6981,8 +6981,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7029,8 +7029,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7114,8 +7114,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7162,8 +7162,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7238,8 +7238,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7286,8 +7286,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7367,8 +7367,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7415,8 +7415,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -7491,8 +7491,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7558,8 +7558,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7640,8 +7640,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7707,8 +7707,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -7785,8 +7785,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7846,8 +7846,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7954,8 +7954,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8015,8 +8015,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8091,8 +8091,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8152,8 +8152,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8256,8 +8256,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8317,8 +8317,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8416,8 +8416,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8477,8 +8477,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -8576,8 +8576,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8624,8 +8624,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -8721,8 +8721,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -8763,8 +8763,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -9204,87 +9204,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.0.9.md b/docs/security/oss/grype-4.0.9.md index c905057..78f6295 100644 --- a/docs/security/oss/grype-4.0.9.md +++ b/docs/security/oss/grype-4.0.9.md @@ -38,13 +38,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u3 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u12 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u10 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | diff --git a/docs/security/oss/grype-4.1.0.json b/docs/security/oss/grype-4.1.0.json index 910812d..474ad65 100644 --- a/docs/security/oss/grype-4.1.0.json +++ b/docs/security/oss/grype-4.1.0.json @@ -26,8 +26,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -105,8 +105,8 @@ { "cve": "CVE-2023-2953", "epss": 0.01466, - "percentile": 0.80421, - "date": "2025-12-22" + "percentile": 0.8045, + "date": "2025-12-29" } ], "cwes": [ @@ -202,8 +202,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -337,8 +337,8 @@ { "cve": "CVE-2011-3389", "epss": 0.03795, - "percentile": 0.8771, - "date": "2025-12-22" + "percentile": 0.87712, + "date": "2025-12-29" } ], "cwes": [ @@ -413,8 +413,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ], "fix": { @@ -467,8 +467,8 @@ { "cve": "CVE-2015-3276", "epss": 0.02852, - "percentile": 0.85792, - "date": "2025-12-22" + "percentile": 0.85805, + "date": "2025-12-29" } ] } @@ -559,9 +559,9 @@ "epss": [ { "cve": "CVE-2025-12970", - "epss": 0.00117, - "percentile": 0.31218, - "date": "2025-12-22" + "epss": 0.00134, + "percentile": 0.33811, + "date": "2025-12-29" } ], "cwes": [ @@ -577,7 +577,7 @@ "state": "" }, "advisories": [], - "risk": 0.09535500000000001 + "risk": 0.10921000000000002 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -640,8 +640,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -703,8 +703,8 @@ { "cve": "CVE-2018-20796", "epss": 0.01669, - "percentile": 0.8164, - "date": "2025-12-22" + "percentile": 0.8165, + "date": "2025-12-29" } ], "cwes": [ @@ -798,8 +798,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -861,8 +861,8 @@ { "cve": "CVE-2017-17740", "epss": 0.01643, - "percentile": 0.81494, - "date": "2025-12-22" + "percentile": 0.81507, + "date": "2025-12-29" } ], "cwes": [ @@ -961,9 +961,9 @@ "epss": [ { "cve": "CVE-2025-12977", - "epss": 0.00072, - "percentile": 0.22221, - "date": "2025-12-22" + "epss": 0.00078, + "percentile": 0.23684, + "date": "2025-12-29" } ], "cwes": [ @@ -979,7 +979,7 @@ "state": "" }, "advisories": [], - "risk": 0.06516 + "risk": 0.07059 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -1056,9 +1056,9 @@ "epss": [ { "cve": "CVE-2025-12978", - "epss": 0.00114, - "percentile": 0.30829, - "date": "2025-12-22" + "epss": 0.00131, + "percentile": 0.33436, + "date": "2025-12-29" } ], "fix": { @@ -1066,7 +1066,7 @@ "state": "" }, "advisories": [], - "risk": 0.05928 + "risk": 0.06812 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -1144,9 +1144,9 @@ "epss": [ { "cve": "CVE-2025-12969", - "epss": 0.00097, - "percentile": 0.27479, - "date": "2025-12-22" + "epss": 0.00106, + "percentile": 0.29319, + "date": "2025-12-29" } ], "cwes": [ @@ -1162,7 +1162,7 @@ "state": "" }, "advisories": [], - "risk": 0.055775 + "risk": 0.06094999999999999 }, "relatedVulnerabilities": [], "matchDetails": [ @@ -1212,6 +1212,102 @@ "upstreams": [] } }, + { + "vulnerability": { + "id": "CVE-2025-12972", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12972", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://fluentbit.io/blog/2025/10/28/security-vulnerabilities-addressed-in-fluent-bit-v4.1-and-backported-to-v4.0/", + "https://www.oligo.security/blog/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover" + ], + "description": "Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "metrics": { + "baseScore": 5.3, + "exploitabilityScore": 3.9, + "impactScore": 1.5 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-12972", + "epss": 0.00093, + "percentile": 0.2664, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-12972", + "cwe": "CWE-22", + "source": "nvd@nist.gov", + "type": "Primary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.047895 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.1.0" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-12972", + "versionConstraint": "= 4.1.0 (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "c9f8017f4b3fb0ab", + "name": "fluent-bit", + "version": "4.1.0", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:0f3590c76e91ee02acf305bdcff2f981bc9f783070524382028f071e8da36d86", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.1.0", + "upstreams": [] + } + }, { "vulnerability": { "id": "CVE-2019-9192", @@ -1225,8 +1321,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1285,8 +1381,8 @@ { "cve": "CVE-2019-9192", "epss": 0.00942, - "percentile": 0.75679, - "date": "2025-12-22" + "percentile": 0.75689, + "date": "2025-12-29" } ], "cwes": [ @@ -1380,8 +1476,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1434,8 +1530,8 @@ { "cve": "CVE-2025-0725", "epss": 0.00904, - "percentile": 0.75131, - "date": "2025-12-22" + "percentile": 0.75137, + "date": "2025-12-29" } ], "cwes": [ @@ -1497,102 +1593,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-12972", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-12972", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://fluentbit.io/blog/2025/10/28/security-vulnerabilities-addressed-in-fluent-bit-v4.1-and-backported-to-v4.0/", - "https://www.oligo.security/blog/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover" - ], - "description": "Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", - "metrics": { - "baseScore": 5.3, - "exploitabilityScore": 3.9, - "impactScore": 1.5 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-12972", - "epss": 0.00086, - "percentile": 0.25329, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-12972", - "cwe": "CWE-22", - "source": "nvd@nist.gov", - "type": "Primary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.044289999999999996 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.1.0" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-12972", - "versionConstraint": "= 4.1.0 (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "c9f8017f4b3fb0ab", - "name": "fluent-bit", - "version": "4.1.0", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:0f3590c76e91ee02acf305bdcff2f981bc9f783070524382028f071e8da36d86", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.1.0", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2025-10148", @@ -1619,8 +1619,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ], "fix": { @@ -1663,8 +1663,8 @@ { "cve": "CVE-2025-10148", "epss": 0.0007, - "percentile": 0.2161, - "date": "2025-12-22" + "percentile": 0.21614, + "date": "2025-12-29" } ] } @@ -1744,8 +1744,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1791,8 +1791,8 @@ { "cve": "CVE-2025-12818", "epss": 0.00057, - "percentile": 0.18022, - "date": "2025-12-22" + "percentile": 0.18044, + "date": "2025-12-29" } ], "cwes": [ @@ -1867,8 +1867,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -1929,8 +1929,8 @@ { "cve": "CVE-2018-6829", "epss": 0.00577, - "percentile": 0.68094, - "date": "2025-12-22" + "percentile": 0.68095, + "date": "2025-12-29" } ], "cwes": [ @@ -2001,8 +2001,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2061,8 +2061,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2146,8 +2146,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2206,8 +2206,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2282,8 +2282,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2342,8 +2342,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2423,8 +2423,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2483,8 +2483,8 @@ { "cve": "CVE-2018-5709", "epss": 0.00463, - "percentile": 0.63555, - "date": "2025-12-22" + "percentile": 0.63567, + "date": "2025-12-29" } ], "cwes": [ @@ -2572,8 +2572,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -2648,8 +2648,8 @@ { "cve": "CVE-2025-9230", "epss": 0.00026, - "percentile": 0.06547, - "date": "2025-12-22" + "percentile": 0.06612, + "date": "2025-12-29" } ], "cwes": [ @@ -2754,8 +2754,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2818,8 +2818,8 @@ { "cve": "CVE-2019-1010024", "epss": 0.00364, - "percentile": 0.57868, - "date": "2025-12-22" + "percentile": 0.57897, + "date": "2025-12-29" } ], "cwes": [ @@ -2928,8 +2928,8 @@ { "cve": "CVE-2025-29478", "epss": 0.00034, - "percentile": 0.09464, - "date": "2025-12-22" + "percentile": 0.09457, + "date": "2025-12-29" } ], "cwes": [ @@ -3008,8 +3008,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3071,8 +3071,8 @@ { "cve": "CVE-2019-1010025", "epss": 0.00356, - "percentile": 0.5729, - "date": "2025-12-22" + "percentile": 0.57312, + "date": "2025-12-29" } ], "cwes": [ @@ -3166,8 +3166,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ], "fix": { @@ -3233,8 +3233,8 @@ { "cve": "CVE-2019-1010023", "epss": 0.00346, - "percentile": 0.56632, - "date": "2025-12-22" + "percentile": 0.56648, + "date": "2025-12-29" } ] } @@ -3333,8 +3333,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ], "fix": { @@ -3375,8 +3375,8 @@ { "cve": "CVE-2025-9086", "epss": 0.00022, - "percentile": 0.05057, - "date": "2025-12-22" + "percentile": 0.051, + "date": "2025-12-29" } ] } @@ -3443,8 +3443,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -3495,8 +3495,8 @@ { "cve": "CVE-2010-4756", "epss": 0.00319, - "percentile": 0.54444, - "date": "2025-12-22" + "percentile": 0.5445, + "date": "2025-12-29" } ], "cwes": [ @@ -3603,8 +3603,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -3670,8 +3670,8 @@ { "cve": "CVE-2025-9232", "epss": 0.00028, - "percentile": 0.07214, - "date": "2025-12-22" + "percentile": 0.07259, + "date": "2025-12-29" } ], "cwes": [ @@ -3783,8 +3783,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3830,8 +3830,8 @@ { "cve": "CVE-2025-12817", "epss": 0.00046, - "percentile": 0.14122, - "date": "2025-12-22" + "percentile": 0.14026, + "date": "2025-12-29" } ], "cwes": [ @@ -3895,27 +3895,27 @@ }, { "vulnerability": { - "id": "CVE-2020-15719", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2020-15719", + "id": "CVE-2024-2236", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", "namespace": "debian:distro:debian:12", "severity": "Negligible", "urls": [], - "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "cvss": [], "epss": [ { - "cve": "CVE-2020-15719", - "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2020-15719", - "cwe": "CWE-295", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" } ], "fix": { @@ -3923,64 +3923,283 @@ "state": "not-fixed" }, "advisories": [], - "risk": 0.0108 + "risk": 0.0114 }, "relatedVulnerabilities": [ { - "id": "CVE-2020-15719", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "id": "CVE-2024-2236", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", "namespace": "nvd:cpe", "severity": "Medium", "urls": [ - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", - "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", - "https://access.redhat.com/errata/RHBA-2019:3674", - "https://bugs.openldap.org/show_bug.cgi?id=9266", - "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", - "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", - "https://www.oracle.com/security-alerts/cpuapr2022.html" + "https://access.redhat.com/errata/RHSA-2024:9404", + "https://access.redhat.com/errata/RHSA-2025:3530", + "https://access.redhat.com/errata/RHSA-2025:3534", + "https://access.redhat.com/security/cve/CVE-2024-2236", + "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" ], - "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "cvss": [ { - "source": "nvd@nist.gov", - "type": "Primary", + "source": "secalert@redhat.com", + "type": "Secondary", "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", - "metrics": { - "baseScore": 4.2, - "exploitabilityScore": 1.7, - "impactScore": 2.6 - }, - "vendorMetadata": {} - }, - { - "source": "nvd@nist.gov", - "type": "Primary", - "version": "2.0", - "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "metrics": { - "baseScore": 4, - "exploitabilityScore": 5, - "impactScore": 5 + "baseScore": 5.9, + "exploitabilityScore": 2.3, + "impactScore": 3.6 }, "vendorMetadata": {} } ], "epss": [ { - "cve": "CVE-2020-15719", - "epss": 0.00216, - "percentile": 0.44164, - "date": "2025-12-22" + "cve": "CVE-2024-2236", + "epss": 0.00228, + "percentile": 0.45475, + "date": "2025-12-29" } ], "cwes": [ { - "cve": "CVE-2020-15719", - "cwe": "CWE-295", - "source": "nvd@nist.gov", - "type": "Primary" + "cve": "CVE-2024-2236", + "cwe": "CWE-208", + "source": "secalert@redhat.com", + "type": "Secondary" + } + ] + } + ], + "matchDetails": [ + { + "type": "exact-direct-match", + "matcher": "dpkg-matcher", + "searchedBy": { + "distro": { + "type": "debian", + "version": "12" + }, + "package": { + "name": "libgcrypt20", + "version": "1.10.1-3" + }, + "namespace": "debian:distro:debian:12" + }, + "found": { + "vulnerabilityID": "CVE-2024-2236", + "versionConstraint": "none (unknown)" + } + } + ], + "artifact": { + "id": "aa143951e2980797", + "name": "libgcrypt20", + "version": "1.10.1-3", + "type": "deb", + "locations": [ + { + "path": "/var/lib/dpkg/status.d/libgcrypt20", + "layerID": "sha256:86fa2649786cc0925c0034adaf3ae286626382a50b431c29a3896af91fd013e8", + "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" + ], + "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2025-29477", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" + ], + "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", + "cvss": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "version": "3.1", + "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", + "metrics": { + "baseScore": 5.5, + "exploitabilityScore": 0.8, + "impactScore": 4.8 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2025-29477", + "epss": 0.00021, + "percentile": 0.05012, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2025-29477", + "cwe": "CWE-400", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary" + } + ], + "fix": { + "versions": [], + "state": "" + }, + "advisories": [], + "risk": 0.011025000000000002 + }, + "relatedVulnerabilities": [], + "matchDetails": [ + { + "type": "cpe-match", + "matcher": "stock-matcher", + "searchedBy": { + "namespace": "nvd:cpe", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" + ], + "package": { + "name": "fluent-bit", + "version": "4.1.0" + } + }, + "found": { + "vulnerabilityID": "CVE-2025-29477", + "versionConstraint": "none (unknown)", + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" + ] + } + } + ], + "artifact": { + "id": "c9f8017f4b3fb0ab", + "name": "fluent-bit", + "version": "4.1.0", + "type": "binary", + "locations": [ + { + "path": "/fluent-bit/bin/fluent-bit", + "layerID": "sha256:0f3590c76e91ee02acf305bdcff2f981bc9f783070524382028f071e8da36d86", + "accessPath": "/fluent-bit/bin/fluent-bit", + "annotations": { + "evidence": "primary" + } + } + ], + "language": "", + "licenses": [], + "cpes": [ + "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" + ], + "purl": "pkg:github/fluent/fluent-bit@4.1.0", + "upstreams": [] + } + }, + { + "vulnerability": { + "id": "CVE-2020-15719", + "dataSource": "https://security-tracker.debian.org/tracker/CVE-2020-15719", + "namespace": "debian:distro:debian:12", + "severity": "Negligible", + "urls": [], + "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "cvss": [], + "epss": [ + { + "cve": "CVE-2020-15719", + "epss": 0.00216, + "percentile": 0.44109, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2020-15719", + "cwe": "CWE-295", + "source": "nvd@nist.gov", + "type": "Primary" + } + ], + "fix": { + "versions": [], + "state": "not-fixed" + }, + "advisories": [], + "risk": 0.0108 + }, + "relatedVulnerabilities": [ + { + "id": "CVE-2020-15719", + "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2020-15719", + "namespace": "nvd:cpe", + "severity": "Medium", + "urls": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html", + "https://access.redhat.com/errata/RHBA-2019:3674", + "https://bugs.openldap.org/show_bug.cgi?id=9266", + "https://bugzilla.redhat.com/show_bug.cgi?id=1740070", + "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", + "https://www.oracle.com/security-alerts/cpuapr2022.html" + ], + "description": "libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.", + "cvss": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "3.1", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "metrics": { + "baseScore": 4.2, + "exploitabilityScore": 1.7, + "impactScore": 2.6 + }, + "vendorMetadata": {} + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "version": "2.0", + "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N", + "metrics": { + "baseScore": 4, + "exploitabilityScore": 5, + "impactScore": 5 + }, + "vendorMetadata": {} + } + ], + "epss": [ + { + "cve": "CVE-2020-15719", + "epss": 0.00216, + "percentile": 0.44109, + "date": "2025-12-29" + } + ], + "cwes": [ + { + "cve": "CVE-2020-15719", + "cwe": "CWE-295", + "source": "nvd@nist.gov", + "type": "Primary" } ] } @@ -4056,8 +4275,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4104,8 +4323,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4189,8 +4408,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4237,8 +4456,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4313,8 +4532,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4361,8 +4580,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4442,8 +4661,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4490,8 +4709,8 @@ { "cve": "CVE-2024-26458", "epss": 0.00206, - "percentile": 0.43087, - "date": "2025-12-22" + "percentile": 0.43041, + "date": "2025-12-29" } ], "cwes": [ @@ -4566,8 +4785,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -4623,8 +4842,8 @@ { "cve": "CVE-2024-2379", "epss": 0.00205, - "percentile": 0.42777, - "date": "2025-12-22" + "percentile": 0.42723, + "date": "2025-12-29" } ], "cwes": [ @@ -4686,225 +4905,6 @@ ] } }, - { - "vulnerability": { - "id": "CVE-2025-29477", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2025-29477", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md" - ], - "description": "An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.", - "cvss": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", - "metrics": { - "baseScore": 5.5, - "exploitabilityScore": 0.8, - "impactScore": 4.8 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2025-29477", - "epss": 0.00019, - "percentile": 0.04131, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2025-29477", - "cwe": "CWE-400", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "" - }, - "advisories": [], - "risk": 0.009975000000000001 - }, - "relatedVulnerabilities": [], - "matchDetails": [ - { - "type": "cpe-match", - "matcher": "stock-matcher", - "searchedBy": { - "namespace": "nvd:cpe", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" - ], - "package": { - "name": "fluent-bit", - "version": "4.1.0" - } - }, - "found": { - "vulnerabilityID": "CVE-2025-29477", - "versionConstraint": "none (unknown)", - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:*:*:*:*:*:*:*:*" - ] - } - } - ], - "artifact": { - "id": "c9f8017f4b3fb0ab", - "name": "fluent-bit", - "version": "4.1.0", - "type": "binary", - "locations": [ - { - "path": "/fluent-bit/bin/fluent-bit", - "layerID": "sha256:0f3590c76e91ee02acf305bdcff2f981bc9f783070524382028f071e8da36d86", - "accessPath": "/fluent-bit/bin/fluent-bit", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*" - ], - "purl": "pkg:github/fluent/fluent-bit@4.1.0", - "upstreams": [] - } - }, - { - "vulnerability": { - "id": "CVE-2024-2236", - "dataSource": "https://security-tracker.debian.org/tracker/CVE-2024-2236", - "namespace": "debian:distro:debian:12", - "severity": "Negligible", - "urls": [], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ], - "fix": { - "versions": [], - "state": "not-fixed" - }, - "advisories": [], - "risk": 0.0095 - }, - "relatedVulnerabilities": [ - { - "id": "CVE-2024-2236", - "dataSource": "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", - "namespace": "nvd:cpe", - "severity": "Medium", - "urls": [ - "https://access.redhat.com/errata/RHSA-2024:9404", - "https://access.redhat.com/errata/RHSA-2025:3530", - "https://access.redhat.com/errata/RHSA-2025:3534", - "https://access.redhat.com/security/cve/CVE-2024-2236", - "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", - "https://bugzilla.redhat.com/show_bug.cgi?id=2268268" - ], - "description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", - "cvss": [ - { - "source": "secalert@redhat.com", - "type": "Secondary", - "version": "3.1", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", - "metrics": { - "baseScore": 5.9, - "exploitabilityScore": 2.3, - "impactScore": 3.6 - }, - "vendorMetadata": {} - } - ], - "epss": [ - { - "cve": "CVE-2024-2236", - "epss": 0.0019, - "percentile": 0.41173, - "date": "2025-12-22" - } - ], - "cwes": [ - { - "cve": "CVE-2024-2236", - "cwe": "CWE-208", - "source": "secalert@redhat.com", - "type": "Secondary" - } - ] - } - ], - "matchDetails": [ - { - "type": "exact-direct-match", - "matcher": "dpkg-matcher", - "searchedBy": { - "distro": { - "type": "debian", - "version": "12" - }, - "package": { - "name": "libgcrypt20", - "version": "1.10.1-3" - }, - "namespace": "debian:distro:debian:12" - }, - "found": { - "vulnerabilityID": "CVE-2024-2236", - "versionConstraint": "none (unknown)" - } - } - ], - "artifact": { - "id": "aa143951e2980797", - "name": "libgcrypt20", - "version": "1.10.1-3", - "type": "deb", - "locations": [ - { - "path": "/var/lib/dpkg/status.d/libgcrypt20", - "layerID": "sha256:86fa2649786cc0925c0034adaf3ae286626382a50b431c29a3896af91fd013e8", - "accessPath": "/var/lib/dpkg/status.d/libgcrypt20", - "annotations": { - "evidence": "primary" - } - } - ], - "language": "", - "licenses": [], - "cpes": [ - "cpe:2.3:a:libgcrypt20:libgcrypt20:1.10.1-3:*:*:*:*:*:*:*" - ], - "purl": "pkg:deb/debian/libgcrypt20@1.10.1-3?arch=amd64&distro=debian-12", - "upstreams": [] - } - }, { "vulnerability": { "id": "CVE-2019-1010022", @@ -4918,8 +4918,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -4980,8 +4980,8 @@ { "cve": "CVE-2019-1010022", "epss": 0.00145, - "percentile": 0.35461, - "date": "2025-12-22" + "percentile": 0.35386, + "date": "2025-12-29" } ], "cwes": [ @@ -5075,8 +5075,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -5142,8 +5142,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -5224,8 +5224,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -5291,8 +5291,8 @@ { "cve": "CVE-2023-31437", "epss": 0.00128, - "percentile": 0.32957, - "date": "2025-12-22" + "percentile": 0.32875, + "date": "2025-12-29" } ], "cwes": [ @@ -5369,8 +5369,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -5429,8 +5429,8 @@ { "cve": "CVE-2017-14159", "epss": 0.00123, - "percentile": 0.32235, - "date": "2025-12-22" + "percentile": 0.32168, + "date": "2025-12-29" } ], "cwes": [ @@ -5514,8 +5514,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5564,8 +5564,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5640,8 +5640,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5690,8 +5690,8 @@ { "cve": "CVE-2023-31438", "epss": 0.001, - "percentile": 0.28456, - "date": "2025-12-22" + "percentile": 0.2839, + "date": "2025-12-29" } ], "cwes": [ @@ -5762,8 +5762,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5812,8 +5812,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5888,8 +5888,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -5938,8 +5938,8 @@ { "cve": "CVE-2023-31439", "epss": 0.00094, - "percentile": 0.26916, - "date": "2025-12-22" + "percentile": 0.26839, + "date": "2025-12-29" } ], "cwes": [ @@ -6010,8 +6010,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6058,8 +6058,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6143,8 +6143,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6191,8 +6191,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6267,8 +6267,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6315,8 +6315,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6396,8 +6396,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6444,8 +6444,8 @@ { "cve": "CVE-2024-26461", "epss": 0.00081, - "percentile": 0.24386, - "date": "2025-12-22" + "percentile": 0.24274, + "date": "2025-12-29" } ], "cwes": [ @@ -6520,8 +6520,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6587,8 +6587,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6669,8 +6669,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6736,8 +6736,8 @@ { "cve": "CVE-2013-4392", "epss": 0.00057, - "percentile": 0.17908, - "date": "2025-12-22" + "percentile": 0.1793, + "date": "2025-12-29" } ], "cwes": [ @@ -6814,8 +6814,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6875,8 +6875,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -6983,8 +6983,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7044,8 +7044,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7120,8 +7120,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7181,8 +7181,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7285,8 +7285,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7346,8 +7346,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7445,8 +7445,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7506,8 +7506,8 @@ { "cve": "CVE-2022-27943", "epss": 0.0005, - "percentile": 0.15592, - "date": "2025-12-22" + "percentile": 0.15598, + "date": "2025-12-29" } ], "cwes": [ @@ -7605,8 +7605,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -7653,8 +7653,8 @@ { "cve": "CVE-2025-27587", "epss": 0.00035, - "percentile": 0.10112, - "date": "2025-12-22" + "percentile": 0.10124, + "date": "2025-12-29" } ], "cwes": [ @@ -7750,8 +7750,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ], "fix": { @@ -7792,8 +7792,8 @@ { "cve": "CVE-2025-10966", "epss": 0.00017, - "percentile": 0.03248, - "date": "2025-12-22" + "percentile": 0.03271, + "date": "2025-12-29" } ] } @@ -8233,87 +8233,87 @@ "db": { "status": { "schemaVersion": "v6.1.3", - "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-23T00:24:18Z_1766478014.tar.zst?checksum=sha256%3Ae8d76c30b9c487568af6b3940c95161c3a65b67e8d34b49c37440d543fe8ca7b", - "built": "2025-12-23T08:20:14Z", + "from": "https://grype.anchore.io/databases/v6/vulnerability-db_v6.1.3_2025-12-30T00:24:20Z_1767082792.tar.zst?checksum=sha256%3Ad106f975f2defe66ae3cd89e9d412c118700ff845b1d4eb6f1dca6239a1fb10f", + "built": "2025-12-30T08:19:52Z", "path": ".cache/grype/db/6/vulnerability.db", "valid": true }, "providers": { "alma": { - "captured": "2025-12-23T00:24:25Z", - "input": "xxh64:a0d50876ed3bfef6" + "captured": "2025-12-30T00:24:24Z", + "input": "xxh64:4eae1d77b8a0f455" }, "alpine": { - "captured": "2025-12-23T00:24:31Z", - "input": "xxh64:6a9af73c1b13dd4b" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:3514f3349b6a52b5" }, "amazon": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:886f9a7b971e6745" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:08b17c8cf9010196" }, "bitnami": { - "captured": "2025-12-23T00:24:27Z", - "input": "xxh64:495c042c59659c08" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:1a6ece132d4c7e44" }, "chainguard": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:c691ab80b2754c8f" + "captured": "2025-12-30T00:24:22Z", + "input": "xxh64:31b41034920c8d41" }, "chainguard-libraries": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:30983f84d2688b78" + "captured": "2025-12-30T00:24:31Z", + "input": "xxh64:9e624fa6df19b8bc" }, "debian": { - "captured": "2025-12-23T00:24:28Z", - "input": "xxh64:5e32f478cf3083fa" + "captured": "2025-12-30T00:24:30Z", + "input": "xxh64:729a6781b9045236" }, "echo": { - "captured": "2025-12-23T00:24:24Z", - "input": "xxh64:63fbb43ebfaec107" + "captured": "2025-12-30T00:24:20Z", + "input": "xxh64:870d87918c884e4d" }, "epss": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:dd877704d2f5a4ed" + "captured": "2025-12-30T00:24:28Z", + "input": "xxh64:fb3a52b689131e22" }, "github": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:07975ad47a62557d" + "captured": "2025-12-30T00:24:37Z", + "input": "xxh64:cb47cc4046a2a59c" }, "kev": { - "captured": "2025-12-23T00:24:37Z", - "input": "xxh64:41c85ebd6bbcbc08" + "captured": "2025-12-30T00:24:29Z", + "input": "xxh64:8e5322bd5e207e22" }, "mariner": { - "captured": "2025-12-23T00:24:18Z", - "input": "xxh64:d8b5dca08509a7a7" + "captured": "2025-12-30T00:24:27Z", + "input": "xxh64:2512d639be335970" }, "minimos": { - "captured": "2025-12-23T00:24:33Z", - "input": "xxh64:076c209bb5998164" + "captured": "2025-12-30T00:24:23Z", + "input": "xxh64:11571e52bf4b6f4a" }, "nvd": { - "captured": "2025-12-23T00:27:56Z", - "input": "xxh64:ccc83265aa9cea92" + "captured": "2025-12-30T00:28:10Z", + "input": "xxh64:a659061af0a8234f" }, "oracle": { - "captured": "2025-12-23T00:24:29Z", - "input": "xxh64:36332479d0982e56" + "captured": "2025-12-30T00:24:26Z", + "input": "xxh64:db8bad48abc57985" }, "rhel": { - "captured": "2025-12-23T00:25:15Z", - "input": "xxh64:1ce812e755bd4bb6" + "captured": "2025-12-30T00:25:36Z", + "input": "xxh64:fc92a75533595ec3" }, "sles": { - "captured": "2025-12-23T00:24:50Z", - "input": "xxh64:f7ca658ee4776d51" + "captured": "2025-12-30T00:24:43Z", + "input": "xxh64:729c1014618e77f3" }, "ubuntu": { - "captured": "2025-12-23T00:26:17Z", - "input": "xxh64:e50bf5ae51f5c5ee" + "captured": "2025-12-30T00:26:13Z", + "input": "xxh64:070ce6e7df0b1bbd" }, "wolfi": { - "captured": "2025-12-23T00:24:30Z", - "input": "xxh64:8c5ae6485f6873cb" + "captured": "2025-12-30T00:24:34Z", + "input": "xxh64:90864d2fe0e7321f" } } } diff --git a/docs/security/oss/grype-4.1.0.md b/docs/security/oss/grype-4.1.0.md index 6ec6a4e..a4f86c6 100644 --- a/docs/security/oss/grype-4.1.0.md +++ b/docs/security/oss/grype-4.1.0.md @@ -34,13 +34,13 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010025) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010023) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2010-4756](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756) | Negligible | +| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libldap-2.5-0 | 2.5.13+dfsg-5 | [CVE-2020-15719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719) | Negligible | | libgssapi-krb5-2 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libk5crypto3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5-3 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libkrb5support0 | 1.20.1-2+deb12u4 | [CVE-2024-26458](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458) | Negligible | | libcurl4 | 7.88.1-10+deb12u14 | [CVE-2024-2379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379) | Negligible | -| libgcrypt20 | 1.10.1-3 | [CVE-2024-2236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236) | Negligible | | libc6 | 2.36-9+deb12u13 | [CVE-2019-1010022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010022) | Negligible | | libsystemd0 | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible | | systemd | 254.26-1~bpo12+1 | [CVE-2023-31437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31437) | Negligible |