Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-47913 (GCVE-0-2025-47913)
Vulnerability from cvelistv5
Published
2025-11-13 21:29
Modified
2025-11-13 21:47
Severity ?
VLAI Severity ?
EPSS score ?
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| golang.org/x/crypto | golang.org/x/crypto/ssh/agent |
Version: 0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-47913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T21:47:44.206349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T21:47:50.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/crypto/ssh/agent",
"product": "golang.org/x/crypto/ssh/agent",
"programRoutines": [
{
"name": "client.SignWithFlags"
},
{
"name": "client.List"
},
{
"name": "agentKeyringSigner.Sign"
},
{
"name": "agentKeyringSigner.SignWithAlgorithm"
},
{
"name": "client.Sign"
},
{
"name": "client.Signers"
}
],
"vendor": "golang.org/x/crypto",
"versions": [
{
"lessThan": "0.43.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek"
},
{
"lang": "en",
"value": "Nicola Murino"
}
],
"descriptions": [
{
"lang": "en",
"value": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-703: Improper Handling of Exceptional Conditions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T21:29:39.907Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/700295"
},
{
"url": "https://go.dev/issue/75178"
},
{
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"title": "Potential denial of service in golang.org/x/crypto/ssh/agent"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-47913",
"datePublished": "2025-11-13T21:29:39.907Z",
"dateReserved": "2025-05-13T23:31:29.597Z",
"dateUpdated": "2025-11-13T21:47:50.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-47913\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-11-13T22:15:51.280\",\"lastModified\":\"2025-11-14T16:42:03.187\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"references\":[{\"url\":\"https://github.com/advisories/GHSA-hcg3-q754-cr77\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/cl/700295\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/75178\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-4116\",\"source\":\"security@golang.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-47913\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-13T21:47:44.206349Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-13T21:47:40.788Z\"}}], \"cna\": {\"title\": \"Potential denial of service in golang.org/x/crypto/ssh/agent\", \"credits\": [{\"lang\": \"en\", \"value\": \"Jakub Ciolek\"}, {\"lang\": \"en\", \"value\": \"Nicola Murino\"}], \"affected\": [{\"vendor\": \"golang.org/x/crypto\", \"product\": \"golang.org/x/crypto/ssh/agent\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.43.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/crypto/ssh/agent\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"client.SignWithFlags\"}, {\"name\": \"client.List\"}, {\"name\": \"agentKeyringSigner.Sign\"}, {\"name\": \"agentKeyringSigner.SignWithAlgorithm\"}, {\"name\": \"client.Sign\"}, {\"name\": \"client.Signers\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/700295\"}, {\"url\": \"https://go.dev/issue/75178\"}, {\"url\": \"https://github.com/advisories/GHSA-hcg3-q754-cr77\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-4116\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-703: Improper Handling of Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-11-13T21:29:39.907Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-47913\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-13T21:47:50.864Z\", \"dateReserved\": \"2025-05-13T23:31:29.597Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-11-13T21:29:39.907Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
suse-su-2025:4191-1
Vulnerability from csaf_suse
Published
2025-11-24 09:22
Modified
2025-11-24 09:22
Summary
Security update for amazon-ssm-agent
Notes
Title of the patch
Security update for amazon-ssm-agent
Description of the patch
This update for amazon-ssm-agent fixes the following issues:
- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)
Patchnames
SUSE-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-4191,openSUSE-SLE-15.6-2025-4191
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for amazon-ssm-agent",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for amazon-ssm-agent fixes the following issues:\n\n- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-4191,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-4191,openSUSE-SLE-15.6-2025-4191",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4191-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4191-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254191-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4191-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023338.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253611",
"url": "https://bugzilla.suse.com/1253611"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for amazon-ssm-agent",
"tracking": {
"current_release_date": "2025-11-24T09:22:22Z",
"generator": {
"date": "2025-11-24T09:22:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4191-1",
"initial_release_date": "2025-11-24T09:22:22Z",
"revision_history": [
{
"date": "2025-11-24T09:22:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"product": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"product_id": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"product": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"product_id": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64",
"openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.aarch64",
"openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T09:22:22Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4245-1
Vulnerability from csaf_suse
Published
2025-11-26 08:39
Modified
2025-11-26 08:39
Summary
Security update for buildah
Notes
Title of the patch
Security update for buildah
Description of the patch
This update for buildah fixes the following issues:
- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)
Patchnames
SUSE-2025-4245,SUSE-SLE-Module-Containers-15-SP6-2025-4245,SUSE-SLE-Module-Containers-15-SP7-2025-4245,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4245,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4245,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4245,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4245,openSUSE-SLE-15.6-2025-4245
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for buildah",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for buildah fixes the following issues:\n\n- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4245,SUSE-SLE-Module-Containers-15-SP6-2025-4245,SUSE-SLE-Module-Containers-15-SP7-2025-4245,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4245,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4245,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4245,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4245,openSUSE-SLE-15.6-2025-4245",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4245-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4245-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254245-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4245-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023369.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253598",
"url": "https://bugzilla.suse.com/1253598"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for buildah",
"tracking": {
"current_release_date": "2025-11-26T08:39:12Z",
"generator": {
"date": "2025-11-26T08:39:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4245-1",
"initial_release_date": "2025-11-26T08:39:12Z",
"revision_history": [
{
"date": "2025-11-26T08:39:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.48.1.aarch64",
"product": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64",
"product_id": "buildah-1.35.5-150500.3.48.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.48.1.i586",
"product": {
"name": "buildah-1.35.5-150500.3.48.1.i586",
"product_id": "buildah-1.35.5-150500.3.48.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.48.1.ppc64le",
"product": {
"name": "buildah-1.35.5-150500.3.48.1.ppc64le",
"product_id": "buildah-1.35.5-150500.3.48.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.48.1.s390x",
"product": {
"name": "buildah-1.35.5-150500.3.48.1.s390x",
"product_id": "buildah-1.35.5-150500.3.48.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150500.3.48.1.x86_64",
"product": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64",
"product_id": "buildah-1.35.5-150500.3.48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.s390x"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.s390x"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.s390x"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.aarch64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.s390x"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150500.3.48.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.x86_64"
},
"product_reference": "buildah-1.35.5-150500.3.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.x86_64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.aarch64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.ppc64le",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.s390x",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.x86_64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.aarch64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.ppc64le",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.s390x",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:buildah-1.35.5-150500.3.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:buildah-1.35.5-150500.3.48.1.x86_64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.aarch64",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.ppc64le",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.s390x",
"openSUSE Leap 15.6:buildah-1.35.5-150500.3.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T08:39:12Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4157-1
Vulnerability from csaf_suse
Published
2025-11-21 14:30
Modified
2025-11-21 14:30
Summary
Security update for podman
Notes
Title of the patch
Security update for podman
Description of the patch
This update for podman fixes the following issues:
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542)
Patchnames
SUSE-2025-4157,SUSE-SLE-Micro-5.3-2025-4157,SUSE-SLE-Micro-5.4-2025-4157,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4157,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4157,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4157,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4157
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4157,SUSE-SLE-Micro-5.3-2025-4157,SUSE-SLE-Micro-5.4-2025-4157,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4157,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4157,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4157,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4157",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4157-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4157-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254157-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4157-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023313.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253542",
"url": "https://bugzilla.suse.com/1253542"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-11-21T14:30:17Z",
"generator": {
"date": "2025-11-21T14:30:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4157-1",
"initial_release_date": "2025-11-21T14:30:17Z",
"revision_history": [
{
"date": "2025-11-21T14:30:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.62.1.aarch64",
"product": {
"name": "podman-4.9.5-150400.4.62.1.aarch64",
"product_id": "podman-4.9.5-150400.4.62.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"product_id": "podman-remote-4.9.5-150400.4.62.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.62.1.aarch64",
"product": {
"name": "podmansh-4.9.5-150400.4.62.1.aarch64",
"product_id": "podmansh-4.9.5-150400.4.62.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.62.1.i586",
"product": {
"name": "podman-4.9.5-150400.4.62.1.i586",
"product_id": "podman-4.9.5-150400.4.62.1.i586"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.62.1.i586",
"product": {
"name": "podman-remote-4.9.5-150400.4.62.1.i586",
"product_id": "podman-remote-4.9.5-150400.4.62.1.i586"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.62.1.i586",
"product": {
"name": "podmansh-4.9.5-150400.4.62.1.i586",
"product_id": "podmansh-4.9.5-150400.4.62.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-150400.4.62.1.noarch",
"product": {
"name": "podman-docker-4.9.5-150400.4.62.1.noarch",
"product_id": "podman-docker-4.9.5-150400.4.62.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.62.1.ppc64le",
"product": {
"name": "podman-4.9.5-150400.4.62.1.ppc64le",
"product_id": "podman-4.9.5-150400.4.62.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.62.1.ppc64le",
"product": {
"name": "podman-remote-4.9.5-150400.4.62.1.ppc64le",
"product_id": "podman-remote-4.9.5-150400.4.62.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.62.1.ppc64le",
"product": {
"name": "podmansh-4.9.5-150400.4.62.1.ppc64le",
"product_id": "podmansh-4.9.5-150400.4.62.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.62.1.s390x",
"product": {
"name": "podman-4.9.5-150400.4.62.1.s390x",
"product_id": "podman-4.9.5-150400.4.62.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.62.1.s390x",
"product": {
"name": "podman-remote-4.9.5-150400.4.62.1.s390x",
"product_id": "podman-remote-4.9.5-150400.4.62.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.62.1.s390x",
"product": {
"name": "podmansh-4.9.5-150400.4.62.1.s390x",
"product_id": "podmansh-4.9.5-150400.4.62.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150400.4.62.1.x86_64",
"product": {
"name": "podman-4.9.5-150400.4.62.1.x86_64",
"product_id": "podman-4.9.5-150400.4.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"product_id": "podman-remote-4.9.5-150400.4.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150400.4.62.1.x86_64",
"product": {
"name": "podmansh-4.9.5-150400.4.62.1.x86_64",
"product_id": "podmansh-4.9.5-150400.4.62.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.s390x"
},
"product_reference": "podman-4.9.5-150400.4.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.s390x"
},
"product_reference": "podman-4.9.5-150400.4.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.62.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.62.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.62.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.62.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.62.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.ppc64le"
},
"product_reference": "podman-4.9.5-150400.4.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.s390x"
},
"product_reference": "podman-4.9.5-150400.4.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.62.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.62.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.ppc64le"
},
"product_reference": "podman-4.9.5-150400.4.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150400.4.62.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.62.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150400.4.62.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150400.4.62.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150400.4.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.3:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Micro 5.4:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.62.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.62.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-21T14:30:17Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4156-1
Vulnerability from csaf_suse
Published
2025-11-21 14:29
Modified
2025-11-21 14:29
Summary
Security update for podman
Notes
Title of the patch
Security update for podman
Description of the patch
This update for podman fixes the following issues:
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542)
Patchnames
SUSE-2025-4156,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4156,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4156,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4156,SUSE-SUSE-MicroOS-5.2-2025-4156,SUSE-Storage-7.1-2025-4156
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4156,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4156,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4156,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4156,SUSE-SUSE-MicroOS-5.2-2025-4156,SUSE-Storage-7.1-2025-4156",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4156-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4156-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254156-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4156-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023314.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253542",
"url": "https://bugzilla.suse.com/1253542"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-11-21T14:29:28Z",
"generator": {
"date": "2025-11-21T14:29:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4156-1",
"initial_release_date": "2025-11-21T14:29:28Z",
"revision_history": [
{
"date": "2025-11-21T14:29:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.66.1.aarch64",
"product": {
"name": "podman-4.9.5-150300.9.66.1.aarch64",
"product_id": "podman-4.9.5-150300.9.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.66.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-150300.9.66.1.aarch64",
"product_id": "podman-remote-4.9.5-150300.9.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.66.1.aarch64",
"product": {
"name": "podmansh-4.9.5-150300.9.66.1.aarch64",
"product_id": "podmansh-4.9.5-150300.9.66.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.66.1.i586",
"product": {
"name": "podman-4.9.5-150300.9.66.1.i586",
"product_id": "podman-4.9.5-150300.9.66.1.i586"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.66.1.i586",
"product": {
"name": "podman-remote-4.9.5-150300.9.66.1.i586",
"product_id": "podman-remote-4.9.5-150300.9.66.1.i586"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.66.1.i586",
"product": {
"name": "podmansh-4.9.5-150300.9.66.1.i586",
"product_id": "podmansh-4.9.5-150300.9.66.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-150300.9.66.1.noarch",
"product": {
"name": "podman-docker-4.9.5-150300.9.66.1.noarch",
"product_id": "podman-docker-4.9.5-150300.9.66.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.66.1.ppc64le",
"product": {
"name": "podman-4.9.5-150300.9.66.1.ppc64le",
"product_id": "podman-4.9.5-150300.9.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.66.1.ppc64le",
"product": {
"name": "podman-remote-4.9.5-150300.9.66.1.ppc64le",
"product_id": "podman-remote-4.9.5-150300.9.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.66.1.ppc64le",
"product": {
"name": "podmansh-4.9.5-150300.9.66.1.ppc64le",
"product_id": "podmansh-4.9.5-150300.9.66.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.66.1.s390x",
"product": {
"name": "podman-4.9.5-150300.9.66.1.s390x",
"product_id": "podman-4.9.5-150300.9.66.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.66.1.s390x",
"product": {
"name": "podman-remote-4.9.5-150300.9.66.1.s390x",
"product_id": "podman-remote-4.9.5-150300.9.66.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.66.1.s390x",
"product": {
"name": "podmansh-4.9.5-150300.9.66.1.s390x",
"product_id": "podmansh-4.9.5-150300.9.66.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150300.9.66.1.x86_64",
"product": {
"name": "podman-4.9.5-150300.9.66.1.x86_64",
"product_id": "podman-4.9.5-150300.9.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"product_id": "podman-remote-4.9.5-150300.9.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150300.9.66.1.x86_64",
"product": {
"name": "podmansh-4.9.5-150300.9.66.1.x86_64",
"product_id": "podmansh-4.9.5-150300.9.66.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.ppc64le"
},
"product_reference": "podman-4.9.5-150300.9.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.s390x"
},
"product_reference": "podman-4.9.5-150300.9.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.ppc64le"
},
"product_reference": "podman-4.9.5-150300.9.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.s390x"
},
"product_reference": "podman-4.9.5-150300.9.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150300.9.66.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150300.9.66.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150300.9.66.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Enterprise Storage 7.1:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Micro 5.2:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:podman-remote-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-4.9.5-150300.9.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:podman-remote-4.9.5-150300.9.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-21T14:29:28Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4185-1
Vulnerability from csaf_suse
Published
2025-11-24 07:57
Modified
2025-11-24 07:57
Summary
Security update for podman
Notes
Title of the patch
Security update for podman
Description of the patch
This update for podman fixes the following issues:
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542)
Patchnames
SUSE-2025-4185,SUSE-SLE-Micro-5.5-2025-4185,SUSE-SLE-Module-Containers-15-SP6-2025-4185,SUSE-SLE-Module-Containers-15-SP7-2025-4185,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4185,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4185,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4185,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4185,openSUSE-SLE-15.6-2025-4185
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4185,SUSE-SLE-Micro-5.5-2025-4185,SUSE-SLE-Module-Containers-15-SP6-2025-4185,SUSE-SLE-Module-Containers-15-SP7-2025-4185,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4185,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4185,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4185,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4185,openSUSE-SLE-15.6-2025-4185",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4185-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4185-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254185-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4185-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023317.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253542",
"url": "https://bugzilla.suse.com/1253542"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2025-11-24T07:57:21Z",
"generator": {
"date": "2025-11-24T07:57:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4185-1",
"initial_release_date": "2025-11-24T07:57:21Z",
"revision_history": [
{
"date": "2025-11-24T07:57:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.59.1.aarch64",
"product": {
"name": "podman-4.9.5-150500.3.59.1.aarch64",
"product_id": "podman-4.9.5-150500.3.59.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"product": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"product_id": "podman-remote-4.9.5-150500.3.59.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.59.1.aarch64",
"product": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64",
"product_id": "podmansh-4.9.5-150500.3.59.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.59.1.i586",
"product": {
"name": "podman-4.9.5-150500.3.59.1.i586",
"product_id": "podman-4.9.5-150500.3.59.1.i586"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.59.1.i586",
"product": {
"name": "podman-remote-4.9.5-150500.3.59.1.i586",
"product_id": "podman-remote-4.9.5-150500.3.59.1.i586"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.59.1.i586",
"product": {
"name": "podmansh-4.9.5-150500.3.59.1.i586",
"product_id": "podmansh-4.9.5-150500.3.59.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-4.9.5-150500.3.59.1.noarch",
"product": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch",
"product_id": "podman-docker-4.9.5-150500.3.59.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.59.1.ppc64le",
"product": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le",
"product_id": "podman-4.9.5-150500.3.59.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"product": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"product_id": "podman-remote-4.9.5-150500.3.59.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"product": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"product_id": "podmansh-4.9.5-150500.3.59.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.59.1.s390x",
"product": {
"name": "podman-4.9.5-150500.3.59.1.s390x",
"product_id": "podman-4.9.5-150500.3.59.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.59.1.s390x",
"product": {
"name": "podman-remote-4.9.5-150500.3.59.1.s390x",
"product_id": "podman-remote-4.9.5-150500.3.59.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.59.1.s390x",
"product": {
"name": "podmansh-4.9.5-150500.3.59.1.s390x",
"product_id": "podmansh-4.9.5-150500.3.59.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-4.9.5-150500.3.59.1.x86_64",
"product": {
"name": "podman-4.9.5-150500.3.59.1.x86_64",
"product_id": "podman-4.9.5-150500.3.59.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"product": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"product_id": "podman-remote-4.9.5-150500.3.59.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-4.9.5-150500.3.59.1.x86_64",
"product": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64",
"product_id": "podmansh-4.9.5-150500.3.59.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-4.9.5-150500.3.59.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-4.9.5-150500.3.59.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.59.1.noarch"
},
"product_reference": "podman-docker-4.9.5-150500.3.59.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-4.9.5-150500.3.59.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podman-remote-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.aarch64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.ppc64le"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.s390x"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-4.9.5-150500.3.59.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.x86_64"
},
"product_reference": "podmansh-4.9.5-150500.3.59.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.59.1.noarch",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.59.1.noarch",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Micro 5.5:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:podmansh-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-docker-4.9.5-150500.3.59.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podman-remote-4.9.5-150500.3.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:podmansh-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podman-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podman-docker-4.9.5-150500.3.59.1.noarch",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podman-remote-4.9.5-150500.3.59.1.x86_64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.aarch64",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.ppc64le",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.s390x",
"openSUSE Leap 15.6:podmansh-4.9.5-150500.3.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:57:21Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4274-1
Vulnerability from csaf_suse
Published
2025-11-27 08:13
Modified
2025-11-27 08:13
Summary
Security update for buildah
Notes
Title of the patch
Security update for buildah
Description of the patch
This update for buildah fixes the following issues:
- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)
Patchnames
SUSE-2025-4274,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4274,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4274,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4274,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4274
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for buildah",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for buildah fixes the following issues:\n\n- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4274,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4274,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4274,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4274,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4274",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4274-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4274-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254274-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4274-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023399.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253598",
"url": "https://bugzilla.suse.com/1253598"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for buildah",
"tracking": {
"current_release_date": "2025-11-27T08:13:05Z",
"generator": {
"date": "2025-11-27T08:13:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4274-1",
"initial_release_date": "2025-11-27T08:13:05Z",
"revision_history": [
{
"date": "2025-11-27T08:13:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.56.1.aarch64",
"product": {
"name": "buildah-1.35.5-150400.3.56.1.aarch64",
"product_id": "buildah-1.35.5-150400.3.56.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.56.1.i586",
"product": {
"name": "buildah-1.35.5-150400.3.56.1.i586",
"product_id": "buildah-1.35.5-150400.3.56.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.56.1.ppc64le",
"product": {
"name": "buildah-1.35.5-150400.3.56.1.ppc64le",
"product_id": "buildah-1.35.5-150400.3.56.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.56.1.s390x",
"product": {
"name": "buildah-1.35.5-150400.3.56.1.s390x",
"product_id": "buildah-1.35.5-150400.3.56.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150400.3.56.1.x86_64",
"product": {
"name": "buildah-1.35.5-150400.3.56.1.x86_64",
"product_id": "buildah-1.35.5-150400.3.56.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.aarch64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.s390x"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150400.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.x86_64"
},
"product_reference": "buildah-1.35.5-150400.3.56.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:buildah-1.35.5-150400.3.56.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:buildah-1.35.5-150400.3.56.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T08:13:05Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4229-1
Vulnerability from csaf_suse
Published
2025-11-25 12:46
Modified
2025-11-25 12:46
Summary
Security update for buildah
Notes
Title of the patch
Security update for buildah
Description of the patch
This update for buildah fixes the following issues:
- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)
Patchnames
SUSE-2025-4229,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4229,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4229,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4229,SUSE-Storage-7.1-2025-4229
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for buildah",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for buildah fixes the following issues:\n\n- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4229,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4229,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4229,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4229,SUSE-Storage-7.1-2025-4229",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4229-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4229-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254229-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4229-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023360.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253598",
"url": "https://bugzilla.suse.com/1253598"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for buildah",
"tracking": {
"current_release_date": "2025-11-25T12:46:16Z",
"generator": {
"date": "2025-11-25T12:46:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4229-1",
"initial_release_date": "2025-11-25T12:46:16Z",
"revision_history": [
{
"date": "2025-11-25T12:46:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.49.1.aarch64",
"product": {
"name": "buildah-1.35.5-150300.8.49.1.aarch64",
"product_id": "buildah-1.35.5-150300.8.49.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.49.1.i586",
"product": {
"name": "buildah-1.35.5-150300.8.49.1.i586",
"product_id": "buildah-1.35.5-150300.8.49.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.49.1.ppc64le",
"product": {
"name": "buildah-1.35.5-150300.8.49.1.ppc64le",
"product_id": "buildah-1.35.5-150300.8.49.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.49.1.s390x",
"product": {
"name": "buildah-1.35.5-150300.8.49.1.s390x",
"product_id": "buildah-1.35.5-150300.8.49.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1.35.5-150300.8.49.1.x86_64",
"product": {
"name": "buildah-1.35.5-150300.8.49.1.x86_64",
"product_id": "buildah-1.35.5-150300.8.49.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.s390x"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.ppc64le"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.aarch64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1.35.5-150300.8.49.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.x86_64"
},
"product_reference": "buildah-1.35.5-150300.8.49.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Enterprise Storage 7.1:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:buildah-1.35.5-150300.8.49.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:buildah-1.35.5-150300.8.49.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-25T12:46:16Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
suse-su-2025:4244-1
Vulnerability from csaf_suse
Published
2025-11-26 08:38
Modified
2025-11-26 08:38
Summary
Security update for amazon-ssm-agent
Notes
Title of the patch
Security update for amazon-ssm-agent
Description of the patch
This update for amazon-ssm-agent fixes the following issues:
- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)
Patchnames
SUSE-2025-4244,SUSE-SLE-Module-Public-Cloud-12-2025-4244
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for amazon-ssm-agent",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for amazon-ssm-agent fixes the following issues:\n\n- CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. (bsc#1253598)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4244,SUSE-SLE-Module-Public-Cloud-12-2025-4244",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4244-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4244-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254244-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4244-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023370.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253611",
"url": "https://bugzilla.suse.com/1253611"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for amazon-ssm-agent",
"tracking": {
"current_release_date": "2025-11-26T08:38:47Z",
"generator": {
"date": "2025-11-26T08:38:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4244-1",
"initial_release_date": "2025-11-26T08:38:47Z",
"revision_history": [
{
"date": "2025-11-26T08:38:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64",
"product": {
"name": "amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64",
"product_id": "amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64",
"product": {
"name": "amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64",
"product_id": "amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 12:amazon-ssm-agent-3.3.1611.0-4.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T08:38:47Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
ghsa-56w8-48fp-6mgv
Vulnerability from github
Published
2025-11-14 00:30
Modified
2025-11-14 00:30
Severity ?
VLAI Severity ?
Details
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
{
"affected": [],
"aliases": [
"CVE-2025-47913"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-13T22:15:51Z",
"severity": "HIGH"
},
"details": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"id": "GHSA-56w8-48fp-6mgv",
"modified": "2025-11-14T00:30:27Z",
"published": "2025-11-14T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://go.dev/cl/700295"
},
{
"type": "WEB",
"url": "https://go.dev/issue/75178"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
opensuse-su-2025:15773-1
Vulnerability from csaf_opensuse
Published
2025-11-27 00:00
Modified
2025-11-27 00:00
Summary
cheat-4.4.2-3.1 on GA media
Notes
Title of the patch
cheat-4.4.2-3.1 on GA media
Description of the patch
These are all security issues fixed in the cheat-4.4.2-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15773
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "cheat-4.4.2-3.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the cheat-4.4.2-3.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15773",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15773-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
}
],
"title": "cheat-4.4.2-3.1 on GA media",
"tracking": {
"current_release_date": "2025-11-27T00:00:00Z",
"generator": {
"date": "2025-11-27T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15773-1",
"initial_release_date": "2025-11-27T00:00:00Z",
"revision_history": [
{
"date": "2025-11-27T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-3.1.aarch64",
"product": {
"name": "cheat-4.4.2-3.1.aarch64",
"product_id": "cheat-4.4.2-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-3.1.ppc64le",
"product": {
"name": "cheat-4.4.2-3.1.ppc64le",
"product_id": "cheat-4.4.2-3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-3.1.s390x",
"product": {
"name": "cheat-4.4.2-3.1.s390x",
"product_id": "cheat-4.4.2-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-3.1.x86_64",
"product": {
"name": "cheat-4.4.2-3.1.x86_64",
"product_id": "cheat-4.4.2-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64"
},
"product_reference": "cheat-4.4.2-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le"
},
"product_reference": "cheat-4.4.2-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x"
},
"product_reference": "cheat-4.4.2-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
},
"product_reference": "cheat-4.4.2-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-3.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
}
]
}
opensuse-su-2025-20143-1
Vulnerability from csaf_opensuse
Published
2025-12-04 13:08
Modified
2025-12-04 13:08
Summary
Security update for git-bug
Notes
Title of the patch
Security update for git-bug
Description of the patch
This update for git-bug fixes the following issues:
Changes in git-bug:
- Revendor to include fixed version of depending libraries:
- GO-2025-4116 (CVE-2025-47913, bsc#1253506) upgrade
golang.org/x/crypto to v0.43.0
- GO-2025-3900 (GHSA-2464-8j7c-4cjm) upgrade
github.com/go-viper/mapstructure/v2 to v2.4.0
- GO-2025-3787 (GHSA-fv92-fjc5-jj9h) included in the previous
- GO-2025-3754 (GHSA-2x5j-vhc8-9cwm) upgrade
github.com/cloudflare/circl to v1.6.1
- GO-2025-4134 (CVE-2025-58181, bsc#1253930) upgrade
golang.org/x/crypto/ssh to v0.45.0
- GO-2025-4135 (CVE-2025-47914, bsc#1254084) upgrade
golang.org/x/crypto/ssh/agent to v0.45.0
- Revendor to include golang.org/x/net/html v 0.45.0 to prevent
possible DoS by various algorithms with quadratic complexity
when parsing HTML documents (bsc#1251463, CVE-2025-47911 and
bsc#1251664, CVE-2025-58190).
Update to version 0.10.1:
- cli: ignore missing sections when removing configuration (ddb22a2f)
Update to version 0.10.0:
- bridge: correct command used to create a new bridge (9942337b)
- web: simplify header navigation (7e95b169)
- webui: remark upgrade + gfm + syntax highlighting (6ee47b96)
- BREAKING CHANGE: dev-infra: remove gokart (89b880bd)
Update to version 0.10.0:
- bridge: correct command used to create a new bridge (9942337b)
- web: simplify header navigation (7e95b169)
- web: remark upgrade + gfm + syntax highlighting (6ee47b96)
Update to version 0.9.0:
- completion: remove errata from string literal (aa102c91)
- tui: improve readability of the help bar (23be684a)
Update to version 0.8.1+git.1746484874.96c7a111:
* docs: update install, contrib, and usage documentation (#1222)
* fix: resolve the remote URI using url.*.insteadOf (#1394)
* build(deps): bump the go_modules group across 1 directory with 3 updates (#1376)
* chore: gofmt simplify gitlab/export_test.go (#1392)
* fix: checkout repo before setting up go environment (#1390)
* feat: bump to go v1.24.2 (#1389)
* chore: update golang.org/x/net (#1379)
* fix: use -0700 when formatting time (#1388)
* fix: use correct url for gitlab PATs (#1384)
* refactor: remove depdendency on pnpm for auto-label action (#1383)
* feat: add action: auto-label (#1380)
* feat: remove lifecycle/frozen (#1377)
* build(deps): bump the npm_and_yarn group across 1 directory with 12 updates (#1378)
* feat: support new exclusion label: lifecycle/pinned (#1375)
* fix: refactor how gitlab title changes are detected (#1370)
* revert: "Create Dependabot config file" (#1374)
* refactor: rename //:git-bug.go to //:main.go (#1373)
* build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.16 to 2.5.25 (#1361)
* fix: set GitLastTag to an empty string when git-describe errors (#1355)
* chore: update go-git to v5@masterupdate_mods (#1284)
* refactor: Directly swap two variables to optimize code (#1272)
* Update README.md Matrix link to new room (#1275)
- Update to version 0.8.0+git.1742269202.0ab94c9:
* deps(crypto): bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337) (#1312)
- Update golang.org/x/crypto/ssh to v0.35.0 (bsc#1239494,
CVE-2025-22869).
- Add missing Requires to completion subpackages.
Update to version 0.8.0+git.1733745604.d499b6e:
* fix typos in docs (#1266)
* build(deps): bump github.com/go-git/go-billy/v5 from 5.5.0 to 5.6.0 (#1289)
- bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337, bsc#1234565).
Patchnames
openSUSE-Leap-16.0-packagehub-46
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for git-bug",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for git-bug fixes the following issues:\n\nChanges in git-bug:\n\n- Revendor to include fixed version of depending libraries:\n - GO-2025-4116 (CVE-2025-47913, bsc#1253506) upgrade\n golang.org/x/crypto to v0.43.0\n - GO-2025-3900 (GHSA-2464-8j7c-4cjm) upgrade\n github.com/go-viper/mapstructure/v2 to v2.4.0\n - GO-2025-3787 (GHSA-fv92-fjc5-jj9h) included in the previous\n - GO-2025-3754 (GHSA-2x5j-vhc8-9cwm) upgrade\n github.com/cloudflare/circl to v1.6.1\n - GO-2025-4134 (CVE-2025-58181, bsc#1253930) upgrade\n golang.org/x/crypto/ssh to v0.45.0\n - GO-2025-4135 (CVE-2025-47914, bsc#1254084) upgrade\n golang.org/x/crypto/ssh/agent to v0.45.0\n\n- Revendor to include golang.org/x/net/html v 0.45.0 to prevent\n possible DoS by various algorithms with quadratic complexity\n when parsing HTML documents (bsc#1251463, CVE-2025-47911 and\n bsc#1251664, CVE-2025-58190).\n\nUpdate to version 0.10.1:\n\n - cli: ignore missing sections when removing configuration (ddb22a2f)\n\nUpdate to version 0.10.0:\n\n - bridge: correct command used to create a new bridge (9942337b)\n - web: simplify header navigation (7e95b169)\n - webui: remark upgrade + gfm + syntax highlighting (6ee47b96)\n - BREAKING CHANGE: dev-infra: remove gokart (89b880bd)\n\nUpdate to version 0.10.0:\n\n - bridge: correct command used to create a new bridge (9942337b)\n - web: simplify header navigation (7e95b169)\n - web: remark upgrade + gfm + syntax highlighting (6ee47b96)\n\nUpdate to version 0.9.0:\n\n - completion: remove errata from string literal (aa102c91)\n - tui: improve readability of the help bar (23be684a)\n\nUpdate to version 0.8.1+git.1746484874.96c7a111:\n\n * docs: update install, contrib, and usage documentation (#1222)\n * fix: resolve the remote URI using url.*.insteadOf (#1394)\n * build(deps): bump the go_modules group across 1 directory with 3 updates (#1376)\n * chore: gofmt simplify gitlab/export_test.go (#1392)\n * fix: checkout repo before setting up go environment (#1390)\n * feat: bump to go v1.24.2 (#1389)\n * chore: update golang.org/x/net (#1379)\n * fix: use -0700 when formatting time (#1388)\n * fix: use correct url for gitlab PATs (#1384)\n * refactor: remove depdendency on pnpm for auto-label action (#1383)\n * feat: add action: auto-label (#1380)\n * feat: remove lifecycle/frozen (#1377)\n * build(deps): bump the npm_and_yarn group across 1 directory with 12 updates (#1378)\n * feat: support new exclusion label: lifecycle/pinned (#1375)\n * fix: refactor how gitlab title changes are detected (#1370)\n * revert: \"Create Dependabot config file\" (#1374)\n * refactor: rename //:git-bug.go to //:main.go (#1373)\n * build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.16 to 2.5.25 (#1361)\n * fix: set GitLastTag to an empty string when git-describe errors (#1355)\n * chore: update go-git to v5@masterupdate_mods (#1284)\n * refactor: Directly swap two variables to optimize code (#1272)\n * Update README.md Matrix link to new room (#1275)\n\n- Update to version 0.8.0+git.1742269202.0ab94c9:\n * deps(crypto): bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337) (#1312)\n\n- Update golang.org/x/crypto/ssh to v0.35.0 (bsc#1239494,\n CVE-2025-22869).\n\n- Add missing Requires to completion subpackages.\n\nUpdate to version 0.8.0+git.1733745604.d499b6e:\n\n * fix typos in docs (#1266)\n * build(deps): bump github.com/go-git/go-billy/v5 from 5.5.0 to 5.6.0 (#1289)\n\n- bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337, bsc#1234565).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-46",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025-20143-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1234565",
"url": "https://bugzilla.suse.com/1234565"
},
{
"category": "self",
"summary": "SUSE Bug 1239494",
"url": "https://bugzilla.suse.com/1239494"
},
{
"category": "self",
"summary": "SUSE Bug 1251463",
"url": "https://bugzilla.suse.com/1251463"
},
{
"category": "self",
"summary": "SUSE Bug 1251664",
"url": "https://bugzilla.suse.com/1251664"
},
{
"category": "self",
"summary": "SUSE Bug 1253506",
"url": "https://bugzilla.suse.com/1253506"
},
{
"category": "self",
"summary": "SUSE Bug 1253930",
"url": "https://bugzilla.suse.com/1253930"
},
{
"category": "self",
"summary": "SUSE Bug 1254084",
"url": "https://bugzilla.suse.com/1254084"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for git-bug",
"tracking": {
"current_release_date": "2025-12-04T13:08:26Z",
"generator": {
"date": "2025-12-04T13:08:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025-20143-1",
"initial_release_date": "2025-12-04T13:08:26Z",
"revision_history": [
{
"date": "2025-12-04T13:08:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.aarch64",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.aarch64",
"product_id": "git-bug-0.10.1-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"product": {
"name": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"product_id": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"product": {
"name": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"product_id": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch",
"product": {
"name": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch",
"product_id": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.ppc64le",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.ppc64le",
"product_id": "git-bug-0.10.1-bp160.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.s390x",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.s390x",
"product_id": "git-bug-0.10.1-bp160.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.x86_64",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.x86_64",
"product_id": "git-bug-0.10.1-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch"
},
"product_reference": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch"
},
"product_reference": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
},
"product_reference": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
opensuse-su-2025:15771-1
Vulnerability from csaf_opensuse
Published
2025-11-26 00:00
Modified
2025-11-26 00:00
Summary
git-bug-0.10.1-3.1 on GA media
Notes
Title of the patch
git-bug-0.10.1-3.1 on GA media
Description of the patch
These are all security issues fixed in the git-bug-0.10.1-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15771
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "git-bug-0.10.1-3.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the git-bug-0.10.1-3.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15771",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15771-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
}
],
"title": "git-bug-0.10.1-3.1 on GA media",
"tracking": {
"current_release_date": "2025-11-26T00:00:00Z",
"generator": {
"date": "2025-11-26T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15771-1",
"initial_release_date": "2025-11-26T00:00:00Z",
"revision_history": [
{
"date": "2025-11-26T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-3.1.aarch64",
"product": {
"name": "git-bug-0.10.1-3.1.aarch64",
"product_id": "git-bug-0.10.1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-3.1.aarch64",
"product": {
"name": "git-bug-bash-completion-0.10.1-3.1.aarch64",
"product_id": "git-bug-bash-completion-0.10.1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-3.1.aarch64",
"product": {
"name": "git-bug-fish-completion-0.10.1-3.1.aarch64",
"product_id": "git-bug-fish-completion-0.10.1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-3.1.aarch64",
"product": {
"name": "git-bug-zsh-completion-0.10.1-3.1.aarch64",
"product_id": "git-bug-zsh-completion-0.10.1-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-3.1.ppc64le",
"product": {
"name": "git-bug-0.10.1-3.1.ppc64le",
"product_id": "git-bug-0.10.1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-3.1.ppc64le",
"product": {
"name": "git-bug-bash-completion-0.10.1-3.1.ppc64le",
"product_id": "git-bug-bash-completion-0.10.1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-3.1.ppc64le",
"product": {
"name": "git-bug-fish-completion-0.10.1-3.1.ppc64le",
"product_id": "git-bug-fish-completion-0.10.1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"product": {
"name": "git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"product_id": "git-bug-zsh-completion-0.10.1-3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-3.1.s390x",
"product": {
"name": "git-bug-0.10.1-3.1.s390x",
"product_id": "git-bug-0.10.1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-3.1.s390x",
"product": {
"name": "git-bug-bash-completion-0.10.1-3.1.s390x",
"product_id": "git-bug-bash-completion-0.10.1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-3.1.s390x",
"product": {
"name": "git-bug-fish-completion-0.10.1-3.1.s390x",
"product_id": "git-bug-fish-completion-0.10.1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-3.1.s390x",
"product": {
"name": "git-bug-zsh-completion-0.10.1-3.1.s390x",
"product_id": "git-bug-zsh-completion-0.10.1-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-3.1.x86_64",
"product": {
"name": "git-bug-0.10.1-3.1.x86_64",
"product_id": "git-bug-0.10.1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-3.1.x86_64",
"product": {
"name": "git-bug-bash-completion-0.10.1-3.1.x86_64",
"product_id": "git-bug-bash-completion-0.10.1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-3.1.x86_64",
"product": {
"name": "git-bug-fish-completion-0.10.1-3.1.x86_64",
"product_id": "git-bug-fish-completion-0.10.1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-3.1.x86_64",
"product": {
"name": "git-bug-zsh-completion-0.10.1-3.1.x86_64",
"product_id": "git-bug-zsh-completion-0.10.1-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64"
},
"product_reference": "git-bug-0.10.1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le"
},
"product_reference": "git-bug-0.10.1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x"
},
"product_reference": "git-bug-0.10.1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64"
},
"product_reference": "git-bug-0.10.1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64"
},
"product_reference": "git-bug-bash-completion-0.10.1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le"
},
"product_reference": "git-bug-bash-completion-0.10.1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x"
},
"product_reference": "git-bug-bash-completion-0.10.1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64"
},
"product_reference": "git-bug-bash-completion-0.10.1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64"
},
"product_reference": "git-bug-fish-completion-0.10.1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le"
},
"product_reference": "git-bug-fish-completion-0.10.1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x"
},
"product_reference": "git-bug-fish-completion-0.10.1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64"
},
"product_reference": "git-bug-fish-completion-0.10.1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64"
},
"product_reference": "git-bug-zsh-completion-0.10.1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le"
},
"product_reference": "git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x"
},
"product_reference": "git-bug-zsh-completion-0.10.1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
},
"product_reference": "git-bug-zsh-completion-0.10.1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-3.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
}
]
}
opensuse-su-2025:15744-1
Vulnerability from csaf_opensuse
Published
2025-11-19 00:00
Modified
2025-11-19 00:00
Summary
amazon-ssm-agent-3.3.3270.0-2.1 on GA media
Notes
Title of the patch
amazon-ssm-agent-3.3.3270.0-2.1 on GA media
Description of the patch
These are all security issues fixed in the amazon-ssm-agent-3.3.3270.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15744
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "amazon-ssm-agent-3.3.3270.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the amazon-ssm-agent-3.3.3270.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15744",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15744-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "amazon-ssm-agent-3.3.3270.0-2.1 on GA media",
"tracking": {
"current_release_date": "2025-11-19T00:00:00Z",
"generator": {
"date": "2025-11-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15744-1",
"initial_release_date": "2025-11-19T00:00:00Z",
"revision_history": [
{
"date": "2025-11-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.3270.0-2.1.aarch64",
"product": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.aarch64",
"product_id": "amazon-ssm-agent-3.3.3270.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.3270.0-2.1.ppc64le",
"product": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.ppc64le",
"product_id": "amazon-ssm-agent-3.3.3270.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.3270.0-2.1.s390x",
"product": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.s390x",
"product_id": "amazon-ssm-agent-3.3.3270.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "amazon-ssm-agent-3.3.3270.0-2.1.x86_64",
"product": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.x86_64",
"product_id": "amazon-ssm-agent-3.3.3270.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.aarch64"
},
"product_reference": "amazon-ssm-agent-3.3.3270.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.ppc64le"
},
"product_reference": "amazon-ssm-agent-3.3.3270.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.s390x"
},
"product_reference": "amazon-ssm-agent-3.3.3270.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amazon-ssm-agent-3.3.3270.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.x86_64"
},
"product_reference": "amazon-ssm-agent-3.3.3270.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.aarch64",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.ppc64le",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.s390x",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.aarch64",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.ppc64le",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.s390x",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.aarch64",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.ppc64le",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.s390x",
"openSUSE Tumbleweed:amazon-ssm-agent-3.3.3270.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
opensuse-su-2025-20138-1
Vulnerability from csaf_opensuse
Published
2025-12-04 12:02
Modified
2025-12-04 12:02
Summary
Security update for act
Notes
Title of the patch
Security update for act
Description of the patch
This update for act fixes the following issues:
- CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent client when
receiving unexpected message types for key listing or signing requests (boo#1253608)
Patchnames
openSUSE-Leap-16.0-packagehub-41
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for act",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for act fixes the following issues:\n\n- CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent client when\n receiving unexpected message types for key listing or signing requests (boo#1253608)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-41",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025-20138-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1253608",
"url": "https://bugzilla.suse.com/1253608"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "Security update for act",
"tracking": {
"current_release_date": "2025-12-04T12:02:10Z",
"generator": {
"date": "2025-12-04T12:02:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025-20138-1",
"initial_release_date": "2025-12-04T12:02:10Z",
"revision_history": [
{
"date": "2025-12-04T12:02:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.64-bp160.2.1.aarch64",
"product": {
"name": "act-0.2.64-bp160.2.1.aarch64",
"product_id": "act-0.2.64-bp160.2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.64-bp160.2.1.ppc64le",
"product": {
"name": "act-0.2.64-bp160.2.1.ppc64le",
"product_id": "act-0.2.64-bp160.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.64-bp160.2.1.s390x",
"product": {
"name": "act-0.2.64-bp160.2.1.s390x",
"product_id": "act-0.2.64-bp160.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.64-bp160.2.1.x86_64",
"product": {
"name": "act-0.2.64-bp160.2.1.x86_64",
"product_id": "act-0.2.64-bp160.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.64-bp160.2.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:act-0.2.64-bp160.2.1.aarch64"
},
"product_reference": "act-0.2.64-bp160.2.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.64-bp160.2.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:act-0.2.64-bp160.2.1.ppc64le"
},
"product_reference": "act-0.2.64-bp160.2.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.64-bp160.2.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:act-0.2.64-bp160.2.1.s390x"
},
"product_reference": "act-0.2.64-bp160.2.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.64-bp160.2.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:act-0.2.64-bp160.2.1.x86_64"
},
"product_reference": "act-0.2.64-bp160.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.aarch64",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.s390x",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.aarch64",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.s390x",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.aarch64",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.s390x",
"openSUSE Leap 16.0:act-0.2.64-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T12:02:10Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
opensuse-su-2025:15752-1
Vulnerability from csaf_opensuse
Published
2025-11-21 00:00
Modified
2025-11-21 00:00
Summary
act-0.2.82-2.1 on GA media
Notes
Title of the patch
act-0.2.82-2.1 on GA media
Description of the patch
These are all security issues fixed in the act-0.2.82-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15752
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "act-0.2.82-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the act-0.2.82-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15752",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15752-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
}
],
"title": "act-0.2.82-2.1 on GA media",
"tracking": {
"current_release_date": "2025-11-21T00:00:00Z",
"generator": {
"date": "2025-11-21T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15752-1",
"initial_release_date": "2025-11-21T00:00:00Z",
"revision_history": [
{
"date": "2025-11-21T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.82-2.1.aarch64",
"product": {
"name": "act-0.2.82-2.1.aarch64",
"product_id": "act-0.2.82-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.82-2.1.ppc64le",
"product": {
"name": "act-0.2.82-2.1.ppc64le",
"product_id": "act-0.2.82-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.82-2.1.s390x",
"product": {
"name": "act-0.2.82-2.1.s390x",
"product_id": "act-0.2.82-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "act-0.2.82-2.1.x86_64",
"product": {
"name": "act-0.2.82-2.1.x86_64",
"product_id": "act-0.2.82-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.82-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:act-0.2.82-2.1.aarch64"
},
"product_reference": "act-0.2.82-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.82-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:act-0.2.82-2.1.ppc64le"
},
"product_reference": "act-0.2.82-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.82-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:act-0.2.82-2.1.s390x"
},
"product_reference": "act-0.2.82-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "act-0.2.82-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:act-0.2.82-2.1.x86_64"
},
"product_reference": "act-0.2.82-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:act-0.2.82-2.1.aarch64",
"openSUSE Tumbleweed:act-0.2.82-2.1.ppc64le",
"openSUSE Tumbleweed:act-0.2.82-2.1.s390x",
"openSUSE Tumbleweed:act-0.2.82-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:act-0.2.82-2.1.aarch64",
"openSUSE Tumbleweed:act-0.2.82-2.1.ppc64le",
"openSUSE Tumbleweed:act-0.2.82-2.1.s390x",
"openSUSE Tumbleweed:act-0.2.82-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:act-0.2.82-2.1.aarch64",
"openSUSE Tumbleweed:act-0.2.82-2.1.ppc64le",
"openSUSE Tumbleweed:act-0.2.82-2.1.s390x",
"openSUSE Tumbleweed:act-0.2.82-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-21T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
}
]
}
wid-sec-w-2025-2608
Vulnerability from csaf_certbund
Published
2025-11-16 23:00
Modified
2025-11-27 23:00
Summary
Golang Go: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Go ist eine quelloffene Programmiersprache.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2608 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2608.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2608 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2608"
},
{
"category": "external",
"summary": "Go Vulnerability Report GO-2025-4116 vom 2025-11-16",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-56W8-48FP-6MGV vom 2025-11-16",
"url": "https://github.com/advisories/GHSA-56W8-48FP-6MGV"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4157-1 vom 2025-11-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023313.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15752-1 vom 2025-11-22",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MDLWX4URXLAOFG3T4E344QHSYWLZ3C7G/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4156-1 vom 2025-11-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023314.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4191-1 vom 2025-11-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XUO7YAEIM7GA7I44CRNTMPAMRZCMQHU7/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0437-1 vom 2025-11-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ESXQFUOOSH3JSWSWJMX5JZJ6JHBYLHQQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4191-1 vom 2025-11-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023338.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4220-1 vom 2025-11-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UOLZYXYXKUYHDTMI5MUWYMLKG6RQQB3S/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4229-1 vom 2025-11-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MYKOOJOQPEWWWHWFVTIM3QNZLBVL2I4L/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4274-1 vom 2025-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023399.html"
}
],
"source_lang": "en-US",
"title": "Golang Go: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2025-11-27T23:00:00.000+00:00",
"generator": {
"date": "2025-11-28T06:34:32.834+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2608",
"initial_release_date": "2025-11-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "golang.org/x/crypto \u003c0.43.0",
"product": {
"name": "Golang Go golang.org/x/crypto \u003c0.43.0",
"product_id": "T048648"
}
},
{
"category": "product_version",
"name": "golang.org/x/crypto 0.43.0",
"product": {
"name": "Golang Go golang.org/x/crypto 0.43.0",
"product_id": "T048648-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:golang.orgxcrypto__0.43.0"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"product_status": {
"known_affected": [
"T048648",
"T002207",
"T027843"
]
},
"release_date": "2025-11-16T23:00:00.000+00:00",
"title": "CVE-2025-47913"
}
]
}
fkie_cve-2025-47913
Vulnerability from fkie_nvd
Published
2025-11-13 22:15
Modified
2025-11-14 16:42
Severity ?
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process."
}
],
"id": "CVE-2025-47913",
"lastModified": "2025-11-14T16:42:03.187",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-11-13T22:15:51.280",
"references": [
{
"source": "security@golang.org",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"source": "security@golang.org",
"url": "https://go.dev/cl/700295"
},
{
"source": "security@golang.org",
"url": "https://go.dev/issue/75178"
},
{
"source": "security@golang.org",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
}
msrc_cve-2025-47913
Vulnerability from csaf_microsoft
Published
2025-11-02 00:00
Modified
2025-11-25 01:37
Summary
Potential denial of service in golang.org/x/crypto/ssh/agent
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47913 Potential denial of service in golang.org/x/crypto/ssh/agent - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-47913.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Potential denial of service in golang.org/x/crypto/ssh/agent",
"tracking": {
"current_release_date": "2025-11-25T01:37:18.000Z",
"generator": {
"date": "2025-12-03T22:59:15.058Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-47913",
"initial_release_date": "2025-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-11-17T01:02:05.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-11-19T01:49:12.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2025-11-19T14:35:52.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2025-11-20T14:35:28.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
},
{
"date": "2025-11-25T01:37:18.000Z",
"legacy_version": "5",
"number": "5",
"summary": "Information published."
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 moby-compose 2.17.3-11",
"product": {
"name": "\u003ccbl2 moby-compose 2.17.3-11",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 moby-compose 2.17.3-11",
"product": {
"name": "cbl2 moby-compose 2.17.3-11",
"product_id": "20666"
}
}
],
"category": "product_name",
"name": "moby-compose"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 packer 1.9.5-15",
"product": {
"name": "\u003ccbl2 packer 1.9.5-15",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "cbl2 packer 1.9.5-15",
"product": {
"name": "cbl2 packer 1.9.5-15",
"product_id": "20538"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 packer 1.9.5-10",
"product": {
"name": "\u003cazl3 packer 1.9.5-10",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 packer 1.9.5-10",
"product": {
"name": "azl3 packer 1.9.5-10",
"product_id": "20566"
}
}
],
"category": "product_name",
"name": "packer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 docker-compose 2.27.0-5",
"product": {
"name": "\u003cazl3 docker-compose 2.27.0-5",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "azl3 docker-compose 2.27.0-5",
"product": {
"name": "azl3 docker-compose 2.27.0-5",
"product_id": "19334"
}
}
],
"category": "product_name",
"name": "docker-compose"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 kubevirt 1.5.0-5",
"product": {
"name": "\u003cazl3 kubevirt 1.5.0-5",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 kubevirt 1.5.0-5",
"product": {
"name": "azl3 kubevirt 1.5.0-5",
"product_id": "20656"
}
}
],
"category": "product_name",
"name": "kubevirt"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 docker-buildx 0.14.0-7",
"product": {
"name": "\u003cazl3 docker-buildx 0.14.0-7",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 docker-buildx 0.14.0-7",
"product": {
"name": "azl3 docker-buildx 0.14.0-7",
"product_id": "20667"
}
}
],
"category": "product_name",
"name": "docker-buildx"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 telegraf 1.31.0-10",
"product": {
"name": "\u003cazl3 telegraf 1.31.0-10",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "azl3 telegraf 1.31.0-10",
"product": {
"name": "azl3 telegraf 1.31.0-10",
"product_id": "19343"
}
}
],
"category": "product_name",
"name": "telegraf"
},
{
"category": "product_name",
"name": "azl3 libcontainers-common 20240213-3",
"product": {
"name": "azl3 libcontainers-common 20240213-3",
"product_id": "8"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 moby-compose 2.17.3-11 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 moby-compose 2.17.3-11 as a component of CBL Mariner 2.0",
"product_id": "20666-17086"
},
"product_reference": "20666",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 packer 1.9.5-15 as a component of CBL Mariner 2.0",
"product_id": "17086-5"
},
"product_reference": "5",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 packer 1.9.5-15 as a component of CBL Mariner 2.0",
"product_id": "20538-17086"
},
"product_reference": "20538",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 docker-compose 2.27.0-5 as a component of Azure Linux 3.0",
"product_id": "17084-7"
},
"product_reference": "7",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 docker-compose 2.27.0-5 as a component of Azure Linux 3.0",
"product_id": "19334-17084"
},
"product_reference": "19334",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kubevirt 1.5.0-5 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kubevirt 1.5.0-5 as a component of Azure Linux 3.0",
"product_id": "20656-17084"
},
"product_reference": "20656",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 libcontainers-common 20240213-3 as a component of Azure Linux 3.0",
"product_id": "17084-8"
},
"product_reference": "8",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 packer 1.9.5-10 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 packer 1.9.5-10 as a component of Azure Linux 3.0",
"product_id": "20566-17084"
},
"product_reference": "20566",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 docker-buildx 0.14.0-7 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 docker-buildx 0.14.0-7 as a component of Azure Linux 3.0",
"product_id": "20667-17084"
},
"product_reference": "20667",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 telegraf 1.31.0-10 as a component of Azure Linux 3.0",
"product_id": "17084-6"
},
"product_reference": "6",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 telegraf 1.31.0-10 as a component of Azure Linux 3.0",
"product_id": "19343-17084"
},
"product_reference": "19343",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-8"
]
}
],
"notes": [
{
"category": "general",
"text": "Go",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20666-17086",
"20538-17086",
"19334-17084",
"20656-17084",
"20566-17084",
"20667-17084",
"19343-17084"
],
"known_affected": [
"17086-2",
"17086-5",
"17084-7",
"17084-3",
"17084-4",
"17084-1",
"17084-6"
],
"known_not_affected": [
"17084-8"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47913 Potential denial of service in golang.org/x/crypto/ssh/agent - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-47913.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "2.17.3-12:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "1.9.5-16:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-5"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "2.27.0-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-7"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "1.5.0-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "1.9.5-11:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "0.14.0-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-17T01:02:05.000Z",
"details": "1.31.0-11:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-6"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17086-2",
"17086-5",
"17084-7",
"17084-3",
"17084-4",
"17084-1",
"17084-6"
]
}
],
"title": "Potential denial of service in golang.org/x/crypto/ssh/agent"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…