{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-3408","title":"Title"},{"category":"description","text":"A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-3408","url":"https://www.suse.com/security/cve/CVE-2025-3408"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1240912 for CVE-2025-3408","url":"https://bugzilla.suse.com/1240912"}],"title":"SUSE CVE CVE-2025-3408","tracking":{"current_release_date":"2025-12-19T00:50:54Z","generator":{"date":"2025-04-09T01:36:58Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-3408","initial_release_date":"2025-04-09T01:36:58Z","revision_history":[{"date":"2025-04-09T01:36:58Z","number":"2","summary":"Current version"},{"date":"2025-12-17T00:51:27Z","number":"3","summary":"description changed"},{"date":"2025-12-19T00:50:54Z","number":"4","summary":"description changed"}],"status":"interim","version":"4"}}}