Upstream information

CVE-2025-22868 at MITRE

Description

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

SUSE information

Overall state of this security issue: New

This issue is currently rated as having important severity.

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Module for Package Hub 15 SP6
  • govulncheck-vulndb >= 0.0.20250226T025151-150000.1.35.1
 Patchnames:
SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-770
openSUSE Leap 15.6
  • govulncheck-vulndb >= 0.0.20250226T025151-150000.1.35.1
 Patchnames:
openSUSE-SLE-15.6-2025-770
openSUSE Tumbleweed
  • govulncheck-vulndb >= 0.0.20250226T025151-1.1
  • teleport >= 17.2.9-1.1
  • teleport-bash-completion >= 17.2.9-1.1
  • teleport-fdpass-teleport >= 17.2.9-1.1
  • teleport-tbot >= 17.2.9-1.1
  • teleport-tbot-bash-completion >= 17.2.9-1.1
  • teleport-tbot-zsh-completion >= 17.2.9-1.1
  • teleport-tctl >= 17.2.9-1.1
  • teleport-tctl-bash-completion >= 17.2.9-1.1
  • teleport-tctl-zsh-completion >= 17.2.9-1.1
  • teleport-tsh >= 17.2.9-1.1
  • teleport-tsh-bash-completion >= 17.2.9-1.1
  • teleport-tsh-zsh-completion >= 17.2.9-1.1
  • teleport-zsh-completion >= 17.2.9-1.1
 Patchnames:
openSUSE-Tumbleweed-2025-14839
openSUSE-Tumbleweed-2025-14843

SUSE Timeline for this CVE

CVE page created: Wed Feb 26 16:00:25 2025
CVE page last modified: Mon Mar 3 17:03:48 2025