{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-15523","title":"Title"},{"category":"description","text":"MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions\ngranted by the user to the main application bundle. An attacker with local user access can\ninvoke this interpreter with arbitrary commands or scripts, leveraging the\napplication's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Inkscape, potentially disguising attacker's malicious intent.\n\nThis issue has been fixed in 1.4.3 version of Inkscape.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-15523","url":"https://www.suse.com/security/cve/CVE-2025-15523"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1257120 for CVE-2025-15523","url":"https://bugzilla.suse.com/1257120"}],"title":"SUSE CVE CVE-2025-15523","tracking":{"current_release_date":"2026-01-23T00:56:20Z","generator":{"date":"2026-01-23T00:56:20Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-15523","initial_release_date":"2026-01-23T00:56:20Z","revision_history":[{"date":"2026-01-23T00:56:20Z","number":"2","summary":"vulnerabilities added,references added,severity changed from  to moderate"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15 SP7","product":{"name":"SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Package Hub 15 SP7","product":{"name":"SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:packagehub:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP7","product":{"name":"SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp7"}}},{"category":"product_name","name":"SUSE Linux Enterprise Workstation Extension 15 SP7","product":{"name":"SUSE Linux Enterprise Workstation Extension 15 SP7","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle-we:15:sp7"}}},{"category":"product_version","name":"inkscape","product":{"name":"inkscape","product_id":"inkscape","product_identification_helper":{"cpe":"cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/inkscape@?upstream=inkscape.src.rpm"}}},{"category":"product_version","name":"inkscape-extensions-extra","product":{"name":"inkscape-extensions-extra","product_id":"inkscape-extensions-extra","product_identification_helper":{"cpe":"cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/inkscape-extensions-extra@?upstream=inkscape.src.rpm"}}},{"category":"product_version","name":"inkscape-extensions-fig","product":{"name":"inkscape-extensions-fig","product_id":"inkscape-extensions-fig","product_identification_helper":{"cpe":"cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/inkscape-extensions-fig@?upstream=inkscape.src.rpm"}}},{"category":"product_version","name":"inkscape-extensions-gimp","product":{"name":"inkscape-extensions-gimp","product_id":"inkscape-extensions-gimp","product_identification_helper":{"cpe":"cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/inkscape-extensions-gimp@?upstream=inkscape.src.rpm"}}},{"category":"product_version","name":"inkscape-extensions-scribus","product":{"name":"inkscape-extensions-scribus","product_id":"inkscape-extensions-scribus","product_identification_helper":{"cpe":"cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/inkscape-extensions-scribus@?upstream=inkscape.src.rpm"}}},{"category":"product_version","name":"inkscape-lang","product":{"name":"inkscape-lang","product_id":"inkscape-lang","product_identification_helper":{"cpe":"cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/inkscape-lang@?upstream=inkscape.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"inkscape as component of SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape"},"product_reference":"inkscape","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-extra as component of SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-extra"},"product_reference":"inkscape-extensions-extra","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-fig as component of SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-fig"},"product_reference":"inkscape-extensions-fig","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-gimp as component of SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-gimp"},"product_reference":"inkscape-extensions-gimp","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-scribus as component of SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-scribus"},"product_reference":"inkscape-extensions-scribus","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-lang as component of SUSE Linux Enterprise Module for Package Hub 15 SP7","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-lang"},"product_reference":"inkscape-lang","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:inkscape"},"product_reference":"inkscape","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-extra as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:inkscape-extensions-extra"},"product_reference":"inkscape-extensions-extra","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-fig as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:inkscape-extensions-fig"},"product_reference":"inkscape-extensions-fig","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-gimp as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:inkscape-extensions-gimp"},"product_reference":"inkscape-extensions-gimp","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-lang as component of SUSE Linux Enterprise Server 15 SP7","product_id":"SUSE Linux Enterprise Server 15 SP7:inkscape-lang"},"product_reference":"inkscape-lang","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape"},"product_reference":"inkscape","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-extra as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-extensions-extra"},"product_reference":"inkscape-extensions-extra","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-fig as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-extensions-fig"},"product_reference":"inkscape-extensions-fig","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-gimp as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-extensions-gimp"},"product_reference":"inkscape-extensions-gimp","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-lang as component of SUSE Linux Enterprise Server for SAP Applications 15 SP7","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-lang"},"product_reference":"inkscape-lang","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:inkscape"},"product_reference":"inkscape","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-extra as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:inkscape-extensions-extra"},"product_reference":"inkscape-extensions-extra","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-fig as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:inkscape-extensions-fig"},"product_reference":"inkscape-extensions-fig","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-gimp as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:inkscape-extensions-gimp"},"product_reference":"inkscape-extensions-gimp","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-lang as component of SUSE Linux Enterprise Desktop 15 SP7","product_id":"SUSE Linux Enterprise Desktop 15 SP7:inkscape-lang"},"product_reference":"inkscape-lang","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape as component of SUSE Linux Enterprise Workstation Extension 15 SP7","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape"},"product_reference":"inkscape","relates_to_product_reference":"SUSE Linux Enterprise Workstation Extension 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-extra as component of SUSE Linux Enterprise Workstation Extension 15 SP7","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-extensions-extra"},"product_reference":"inkscape-extensions-extra","relates_to_product_reference":"SUSE Linux Enterprise Workstation Extension 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-fig as component of SUSE Linux Enterprise Workstation Extension 15 SP7","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-extensions-fig"},"product_reference":"inkscape-extensions-fig","relates_to_product_reference":"SUSE Linux Enterprise Workstation Extension 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-extensions-gimp as component of SUSE Linux Enterprise Workstation Extension 15 SP7","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-extensions-gimp"},"product_reference":"inkscape-extensions-gimp","relates_to_product_reference":"SUSE Linux Enterprise Workstation Extension 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"inkscape-lang as component of SUSE Linux Enterprise Workstation Extension 15 SP7","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-lang"},"product_reference":"inkscape-lang","relates_to_product_reference":"SUSE Linux Enterprise Workstation Extension 15 SP7"}]},"vulnerabilities":[{"cve":"CVE-2025-15523","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-15523"}],"notes":[{"category":"general","text":"MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions\ngranted by the user to the main application bundle. An attacker with local user access can\ninvoke this interpreter with arbitrary commands or scripts, leveraging the\napplication's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Inkscape, potentially disguising attacker's malicious intent.\n\nThis issue has been fixed in 1.4.3 version of Inkscape.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Linux Enterprise Desktop 15 SP7:inkscape","SUSE Linux Enterprise Desktop 15 SP7:inkscape-extensions-extra","SUSE Linux Enterprise Desktop 15 SP7:inkscape-extensions-fig","SUSE Linux Enterprise Desktop 15 SP7:inkscape-extensions-gimp","SUSE Linux Enterprise Desktop 15 SP7:inkscape-lang","SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape","SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-extra","SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-fig","SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-gimp","SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-extensions-scribus","SUSE Linux Enterprise Module for Package Hub 15 SP7:inkscape-lang","SUSE Linux Enterprise Server 15 SP7:inkscape","SUSE Linux Enterprise Server 15 SP7:inkscape-extensions-extra","SUSE Linux Enterprise Server 15 SP7:inkscape-extensions-fig","SUSE Linux Enterprise Server 15 SP7:inkscape-extensions-gimp","SUSE Linux Enterprise Server 15 SP7:inkscape-lang","SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape","SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-extensions-extra","SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-extensions-fig","SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-extensions-gimp","SUSE Linux Enterprise Server for SAP Applications 15 SP7:inkscape-lang","SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape","SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-extensions-extra","SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-extensions-fig","SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-extensions-gimp","SUSE Linux Enterprise Workstation Extension 15 SP7:inkscape-lang"]},"references":[{"category":"external","summary":"CVE-2025-15523","url":"https://www.suse.com/security/cve/CVE-2025-15523"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1257120 for CVE-2025-15523","url":"https://bugzilla.suse.com/1257120"}],"threats":[{"category":"impact","date":"2026-01-22T17:02:42Z","details":"moderate"}],"title":"CVE-2025-15523"}]}