VDB
OESA-2025-2258
OESA-2025-2258
PUBLISHED
CVSS 8.399999618530273 HIGH
buildah security update
Risk Scores
CVSS 4.0
8.399999618530273
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openEuler:24.03-LTS | buildah | 0, 0 |
Exploit Intelligence
- Proof of Concept for CVE-2024-45337 against Gitea and Forgejo (github-poc-repo)
- Fork of gogs/gogs for reachability benchmark testing (CVE-2024-45337) (github-poc-repo)
- Fork of gogs/gogs for reachability benchmark testing (CVE-2024-45337) (github-poc)
- Proof of Concept for CVE-2024-45337 against Gitea and Forgejo (github-poc)
- An example project that showcases golang code vulnerable to CVE-2024-45337 (github-poc)
- Proof of concept (POC) for CVE-2024-45337 (github-poc)
- .trivyignore.yaml (github-poc)
- DemoReseedInfra.kt (github-poc)
- ssh.go (github-poc)
- cve.pl (github-poc)
…and 1 more exploits
Timeline
- Sep 12, 2025 CVE Published
- Sep 12, 2025 CVE Updated
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
References
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2258 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-45337 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-9341 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-9407 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-27144 advisory