govulncheck-vulndb-0.0.20250918T182144-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16628 Final 1 1 2025-09-19T00:00:00Z current 2025-09-19T00:00:00Z 2025-09-19T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z govulncheck-vulndb-0.0.20250918T182144-1.1 on GA media These are all security issues fixed in the govulncheck-vulndb-0.0.20250918T182144-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16628 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-47906/ SUSE CVE CVE-2025-47906 page https://www.suse.com/security/cve/CVE-2025-5187/ SUSE CVE CVE-2025-5187 page openSUSE Tumbleweed govulncheck-vulndb-0.0.20250918T182144-1.1 govulncheck-vulndb-0.0.20250918T182144-1.1 as a component of openSUSE Tumbleweed If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned. CVE-2025-47906 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250918T182144-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-47906.html CVE-2025-47906 https://bugzilla.suse.com/1247719 SUSE Bug 1247719 A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection. CVE-2025-5187 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250918T182144-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-5187.html CVE-2025-5187 https://bugzilla.suse.com/1248812 SUSE Bug 1248812