CVE-2025-23394 | SUSE openSUSE Tumbleweed 2.5.0-1.1 cyrus-imapd symlink

Inserito da Angelo Barbosa | Mag 26, 2025 | CVE

A vulnerability classified as critical was found in SUSE openSUSE Tumbleweed 2.5.0-1.1. Affected by this vulnerability is an unknown functionality of the component cyrus-imapd. The manipulation leads to symlink following.

This vulnerability is known as CVE-2025-23394. An attack has to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-23394 | SUSE openSUSE Tumbleweed 2.5.0-1.1 cyrus-imapd symlink

Post correlati

CVE-2025-27091 | Cisco OpenH264 up to 2.5.x Decoding heap-based overflow (GHSA-m99q-5j7x-7m9x)

CVE-2025-4609 | Google Chrome up to 136.0.7103.92 Mojo privilege escalation

CVE-2024-52032 | Mattermost up to 9.11.2/10.0.0 Channel Name information disclosure

CVE-2024-30048 | Microsoft Dynamics 365 Customer Insights cross site scripting