Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/89314?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/89314?format=api", "purl": "pkg:rpm/redhat/acm-operator-bundle@container-v2.12?arch=5-9", "type": "rpm", "namespace": "redhat", "name": "acm-operator-bundle", "version": "container-v2.12", "qualifiers": { "arch": "5-9" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29826?format=api", "vulnerability_id": "VCID-4pq8-1dxx-37gj", "summary": "form-data uses unsafe random function in form-data for choosing boundary\n### Summary\n\nform-data uses `Math.random()` to select a boundary value for multipart form-encoded data. This can lead to a security issue if an attacker:\n1. can observe other values produced by Math.random in the target application, and\n2. can control one field of a request made using form-data\n\nBecause the values of Math.random() are pseudo-random and predictable (see: https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f) an attacker who can observe a few sequential values can determine the state of the PRNG and predict future values, includes those used to generate form-data's boundary value. The allows the attacker to craft a value that contains a boundary value, allowing them to inject additional parameters into the request.\n\nThis is largely the same vulnerability as was [recently found in `undici`](https://hackerone.com/reports/2913312) by [`parrot409`](https://hackerone.com/parrot409?type=user) -- I'm not affiliated with that researcher but want to give credit where credit is due! My PoC is largely based on their work.\n\n### Details\n\nThe culprit is this line here: https://github.com/form-data/form-data/blob/426ba9ac440f95d1998dac9a5cd8d738043b048f/lib/form_data.js#L347\n\nAn attacker who is able to predict the output of Math.random() can predict this boundary value, and craft a payload that contains the boundary value, followed by another, fully attacker-controlled field. This is roughly equivalent to any sort of improper escaping vulnerability, with the caveat that the attacker must find a way to observe other Math.random() values generated by the application to solve for the state of the PRNG. However, Math.random() is used in all sorts of places that might be visible to an attacker (including by form-data itself, if the attacker can arrange for the vulnerable application to make a request to an attacker-controlled server using form-data, such as a user-controlled webhook -- the attacker could observe the boundary values from those requests to observe the Math.random() outputs). A common example would be a `x-request-id` header added by the server. These sorts of headers are often used for distributed tracing, to correlate errors across the frontend and backend. `Math.random()` is a fine place to get these sorts of IDs (in fact, [opentelemetry uses Math.random for this purpose](https://github.com/open-telemetry/opentelemetry-js/blob/2053f0d3a44631ade77ea04f656056a2c8a2ae76/packages/opentelemetry-sdk-trace-base/src/platform/node/RandomIdGenerator.ts#L22))\n\n### PoC\n\nPoC here: https://github.com/benweissmann/CVE-2025-7783-poc\n\nInstructions are in that repo. It's based on the PoC from https://hackerone.com/reports/2913312 but simplified somewhat; the vulnerable application has a more direct side-channel from which to observe Math.random() values (a separate endpoint that happens to include a randomly-generated request ID). \n\n### Impact\n\nFor an application to be vulnerable, it must:\n- Use `form-data` to send data including user-controlled data to some other system. The attacker must be able to do something malicious by adding extra parameters (that were not intended to be user-controlled) to this request. Depending on the target system's handling of repeated parameters, the attacker might be able to overwrite values in addition to appending values (some multipart form handlers deal with repeats by overwriting values instead of representing them as an array)\n- Reveal values of Math.random(). It's easiest if the attacker can observe multiple sequential values, but more complex math could recover the PRNG state to some degree of confidence with non-sequential values. \n\nIf an application is vulnerable, this allows an attacker to make arbitrary requests to internal systems.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31742", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31712", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.3184", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54458", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54442", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61585", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.6158", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.6159", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61548", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61569", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.6361", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7783" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7783" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/benweissmann/CVE-2025-7783-poc", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/benweissmann/CVE-2025-7783-poc" }, { "reference_url": "https://github.com/form-data/form-data", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/form-data/form-data" }, { "reference_url": "https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-22T14:54:27Z/" } ], "url": "https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0" }, { "reference_url": "https://github.com/form-data/form-data/security/advisories/GHSA-fjxv-7rqg-78g4", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-22T14:54:27Z/" } ], "url": "https://github.com/form-data/form-data/security/advisories/GHSA-fjxv-7rqg-78g4" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00023.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00023.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109551", "reference_id": "1109551", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109551" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381959", "reference_id": "2381959", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14886", "reference_id": "RHSA-2025:14886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14919", "reference_id": "RHSA-2025:14919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15771", "reference_id": "RHSA-2025:15771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16101", "reference_id": "RHSA-2025:16101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16113", "reference_id": "RHSA-2025:16113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16918", "reference_id": "RHSA-2025:16918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17501", "reference_id": "RHSA-2025:17501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18278", "reference_id": "RHSA-2025:18278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18744", "reference_id": "RHSA-2025:18744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20047", "reference_id": "RHSA-2025:20047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:20047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21704", "reference_id": "RHSA-2025:21704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2737", "reference_id": "RHSA-2026:2737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2800", "reference_id": "RHSA-2026:2800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3406", "reference_id": "RHSA-2026:3406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3406" }, { "reference_url": "https://usn.ubuntu.com/7976-1/", "reference_id": "USN-7976-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7976-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-7783", "GHSA-fjxv-7rqg-78g4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pq8-1dxx-37gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28196?format=api", "vulnerability_id": "VCID-eraj-dyxs-xkfd", "summary": "sha.js is missing type checks leading to hash rewind and passing on crafted data\n### Summary\n\nThis is the same as [GHSA-cpq7-6gpm-g9rc](https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc) but just for `sha.js`, as it has its own implementation.\n\nMissing input type checks can allow types other than a well-formed `Buffer` or `string`, resulting in invalid values, hanging and rewinding the hash state (including turning a tagged hash into an untagged hash), or other generally undefined behaviour.\n\n### Details\n\nSee PoC\n\n### PoC\n```js\nconst forgeHash = (data, payload) => JSON.stringify([payload, { length: -payload.length}, [...data]])\n\nconst sha = require('sha.js')\nconst { randomBytes } = require('crypto')\n\nconst sha256 = (...messages) => {\n const hash = sha('sha256')\n messages.forEach((m) => hash.update(m))\n return hash.digest('hex')\n}\n\nconst validMessage = [randomBytes(32), randomBytes(32), randomBytes(32)] // whatever\n\nconst payload = forgeHash(Buffer.concat(validMessage), 'Hashed input means safe')\nconst receivedMessage = JSON.parse(payload) // e.g. over network, whatever\n\nconsole.log(sha256(...validMessage))\nconsole.log(sha256(...receivedMessage))\nconsole.log(receivedMessage[0])\n```\n\nOutput:\n```\n638d5bf3ca5d1decf7b78029f1c4a58558143d62d0848d71e27b2a6ff312d7c4\n638d5bf3ca5d1decf7b78029f1c4a58558143d62d0848d71e27b2a6ff312d7c4\nHashed input means safe\n```\n\nOr just:\n```console\n> require('sha.js')('sha256').update('foo').digest('hex')\n'2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae'\n> require('sha.js')('sha256').update('fooabc').update({length:-3}).digest('hex')\n'2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae'\n```\n\n### Impact\n\n1. Hash state rewind on `{length: -x}`. This is behind the PoC above, also this way an attacker can turn a tagged hash in cryptographic libraries into an untagged hash.\n2. Value miscalculation, e.g. a collision is generated by `{ length: buf.length, ...buf, 0: buf[0] + 256 }`\n This will result in the same hash as of `buf`, but can be treated by other code differently (e.g. bn.js)\n4. DoS on `{length:'1e99'}`\n5. On a subsequent system, (2) can turn into matching hashes but different numeric representations, leading to issues up to private key extraction from cryptography libraries (as nonce is often generated through a hash, and matching nonces for different values often immediately leads to private key restoration)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9288.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9288.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13603", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13682", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13673", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.1376", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13819", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.1381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1512", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15177", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1499", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9288" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/browserify/sha.js", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/browserify/sha.js" }, { "reference_url": "https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5" }, { "reference_url": "https://github.com/browserify/sha.js/pull/78", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-21T13:25:33Z/" } ], "url": "https://github.com/browserify/sha.js/pull/78" }, { "reference_url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-21T13:25:33Z/" } ], "url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00016.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2025-9287", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-21T13:25:33Z/" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111769", "reference_id": "1111769", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111769" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980", "reference_id": "2389980", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980" }, { "reference_url": "https://github.com/advisories/GHSA-95m3-7q98-8xr5", "reference_id": "GHSA-95m3-7q98-8xr5", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-95m3-7q98-8xr5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14474", "reference_id": "RHSA-2025:14474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14767", "reference_id": "RHSA-2025:14767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15847", "reference_id": "RHSA-2025:15847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16020", "reference_id": "RHSA-2025:16020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18278", "reference_id": "RHSA-2025:18278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18744", "reference_id": "RHSA-2025:18744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22905", "reference_id": "RHSA-2025:22905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3710", "reference_id": "RHSA-2026:3710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3712", "reference_id": "RHSA-2026:3712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3712" }, { "reference_url": "https://usn.ubuntu.com/7778-1/", "reference_id": "USN-7778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7778-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-9288", "GHSA-95m3-7q98-8xr5" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eraj-dyxs-xkfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29834?format=api", "vulnerability_id": "VCID-fr74-wcxv-quam", "summary": "Helm vulnerable to Code Injection through malicious chart.yaml content\nA Helm contributor discovered that a specially crafted `Chart.yaml` file along with a specially linked `Chart.lock` file can lead to local code execution when dependencies are updated.\n\n### Impact\n\nFields in a `Chart.yaml` file, that are carried over to a `Chart.lock` file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a `bash.rc` file or shell script). If the `Chart.lock` file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking.\n\nThis affects when dependencies are updated. When using the `helm` command this happens when `helm dependency update` is run. `helm dependency build` can write a lock file when one does not exist but this vector requires one to already exist. This affects the Helm SDK when the downloader `Manager` performs an update.\n\n### Patches\n\nThis issue has been resolved in Helm v3.18.4\n\n### Workarounds\n\nEnsure the `Chart.lock` file in a chart is not a symlink prior to updating dependencies.\n\n### For more information\n\nHelm's security policy is spelled out in detail in our [SECURITY](https://github.com/helm/community/blob/master/SECURITY.md) document.\n\n### Credits\n\nDisclosed by Jakub Ciolek at AlphaSense.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06429", "published_at": "2026-05-05T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00842", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00841", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00847", "published_at": "2026-04-18T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00857", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00853", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00903", "published_at": "2026-04-26T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00899", "published_at": "2026-04-29T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00859", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00856", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/helm/helm", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/helm/helm" }, { "reference_url": "https://github.com/helm/helm/commit/4b8e61093d8f579f1165cdc6bd4b43fa5455f571", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:26:40Z/" } ], "url": "https://github.com/helm/helm/commit/4b8e61093d8f579f1165cdc6bd4b43fa5455f571" }, { "reference_url": "https://github.com/helm/helm/security/advisories/GHSA-557j-xg8c-q2mm", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:26:40Z/" } ], "url": "https://github.com/helm/helm/security/advisories/GHSA-557j-xg8c-q2mm" }, { "reference_url": "https://news.ycombinator.com/item?id=44506696", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://news.ycombinator.com/item?id=44506696" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53547", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53547" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378905", "reference_id": "2378905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14821", "reference_id": "RHSA-2025:14821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15345", "reference_id": "RHSA-2025:15345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15681", "reference_id": "RHSA-2025:15681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16113", "reference_id": "RHSA-2025:16113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16161", "reference_id": "RHSA-2025:16161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16166", "reference_id": "RHSA-2025:16166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16526", "reference_id": "RHSA-2025:16526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16527", "reference_id": "RHSA-2025:16527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16529", "reference_id": "RHSA-2025:16529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16530", "reference_id": "RHSA-2025:16530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16535", "reference_id": "RHSA-2025:16535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17672", "reference_id": "RHSA-2025:17672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18242", "reference_id": "RHSA-2025:18242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18278", "reference_id": "RHSA-2025:18278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18744", "reference_id": "RHSA-2025:18744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9562", "reference_id": "RHSA-2025:9562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9562" } ], "fixed_packages": [], "aliases": [ "CVE-2025-53547", "GHSA-557j-xg8c-q2mm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fr74-wcxv-quam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28130?format=api", "vulnerability_id": "VCID-tt31-4d54-k7cz", "summary": "cipher-base is missing type checks, leading to hash rewind and passing on crafted data\n### Summary\n\nThis affects e.g. `create-hash` (and `crypto-browserify`), so I'll describe the issue against that package\nAlso affects `create-hmac` and other packages\n\nNode.js `createHash` works only on strings or instances of Buffer, TypedArray, or DataView.\n\nMissing input type checks (in npm `create-hash` polyfill of Node.js `createHash`) can allow types other than a well-formed `Buffer` or `string`, resulting in invalid values, hanging and rewinding the hash state (including turning a tagged hash into an untagged hash), or other generally undefined behaviour.\n\n### Details\n\nSee PoC\n\n### PoC\n```js\nconst createHash = require('create-hash/browser.js')\nconst { randomBytes } = require('crypto')\n\nconst sha256 = (...messages) => {\n const hash = createHash('sha256')\n messages.forEach((m) => hash.update(m))\n return hash.digest('hex')\n}\n\nconst validMessage = [randomBytes(32), randomBytes(32), randomBytes(32)] // whatever\n\nconst payload = forgeHash(Buffer.concat(validMessage), 'Hashed input means safe')\nconst receivedMessage = JSON.parse(payload) // e.g. over network, whatever\n\nconsole.log(sha256(...validMessage))\nconsole.log(sha256(...receivedMessage))\nconsole.log(receivedMessage[0])\n```\n\nOutput:\n```\n9ef59a6a745990b09bbf1d99abe43a4308b48ce365935e29eb4c9000984ee9a9\n9ef59a6a745990b09bbf1d99abe43a4308b48ce365935e29eb4c9000984ee9a9\nHashed input means safe\n```\n\nThis works with:\n```js\nconst forgeHash = (valid, wanted) => JSON.stringify([wanted, { length: -wanted.length }, { ...valid, length: valid.length }])\n```\n\nBut there are other types of input which lead to unchecked results\n\n### Impact\n\n1. Hash state rewind on `{length: -x}`. This is behind the PoC above, also this way an attacker can turn a tagged hash in cryptographic libraries into an untagged hash.\n2. Value miscalculation, e.g. a collision is generated by `{ length: buf.length, ...buf, 0: buf[0] + 256 }`\n This will result in the same hash as of `buf`, but can be treated by other code differently (e.g. bn.js)\n4. DoS on `{length:'1e99'}`\n5. On a subsequent system, (2) can turn into matching hashes but different numeric representations, leading to issues up to private key extraction from cryptography libraries (as nonce is often generated through a hash, and matching nonces for different values often immediately leads to private key restoration, like [GHSA-vjh7-7g9h-fjfh](https://github.com/indutny/elliptic/security/advisories/GHSA-vjh7-7g9h-fjfh))\n6. Also, other typed arrays results are invalid, e.g. returned hash of `new Uint16Array(5)` is the same as `new Uint8Array(5)`, not `new Uint16Array(10)` as it should have been (and is in Node.js `crypto`) -- same for arrays with values non-zero, their hashes are just truncated to `%256` instead of converted to correct bytelength", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9287.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9287.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2875", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28605", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28798", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28449", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28565", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28615", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28668", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28711", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29928", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30006", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29793", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9287" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/browserify/cipher-base", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/browserify/cipher-base" }, { "reference_url": "https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294" }, { "reference_url": "https://github.com/browserify/cipher-base/pull/23", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-21T13:25:49Z/" } ], "url": "https://github.com/browserify/cipher-base/pull/23" }, { "reference_url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-21T13:25:49Z/" } ], "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111772", "reference_id": "1111772", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111772" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932", "reference_id": "2389932", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932" }, { "reference_url": "https://github.com/advisories/GHSA-cpq7-6gpm-g9rc", "reference_id": "GHSA-cpq7-6gpm-g9rc", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cpq7-6gpm-g9rc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14767", "reference_id": "RHSA-2025:14767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15847", "reference_id": "RHSA-2025:15847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16020", "reference_id": "RHSA-2025:16020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18278", "reference_id": "RHSA-2025:18278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18744", "reference_id": "RHSA-2025:18744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22905", "reference_id": "RHSA-2025:22905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3710", "reference_id": "RHSA-2026:3710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3712", "reference_id": "RHSA-2026:3712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3712" }, { "reference_url": "https://usn.ubuntu.com/7746-1/", "reference_id": "USN-7746-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7746-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-9287", "GHSA-cpq7-6gpm-g9rc" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt31-4d54-k7cz" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/acm-operator-bundle@container-v2.12%3Farch=5-9" }