{}

{}

{}

{"acknowledgement": "Red Hat would like to thank Antony Di Scala and Mike Whale for reporting this issue.", "bugzilla": {"description": "mirror-registry: Local privilege escalation due to incorrect permissions in mirror-registry", "id": "2359143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359143"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-276", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "There's currently no mitigation available for this issue."}, "name": "CVE-2025-3528", "package_state": [{"cpe": "cpe:/a:redhat:mirror_registry:1", "fix_state": "Affected", "package_name": "mirror-registry-container", "product_name": "mirror registry for Red Hat OpenShift"}], "public_date": "2024-04-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-3528\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-3528"], "statement": "This issue was classified as with Important severity by the Red Hat Product Security issue accordingly to the severity ratings described at https://access.redhat.com/security/updates/classification. This choice was made by the fact the attacker, when a successfully attack is performed, can manage to elevate its own privilege to the root user.", "threat_severity": "Important"}