{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-61772","title":"Title"},{"category":"description","text":"Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part's header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS). Attackers can send incomplete multipart headers to trigger high memory use, leading to process termination (OOM) or severe slowdown. The effect scales with request size limits and concurrency. All applications handling multipart uploads may be affected. Versions 2.2.19, 3.1.17, and 3.2.2 cap per-part header size (e.g., 64 KiB). As a workaround, restrict maximum request sizes at the proxy or web server layer (e.g., Nginx `client_max_body_size`).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-61772","url":"https://www.suse.com/security/cve/CVE-2025-61772"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1251242 for CVE-2025-61772","url":"https://bugzilla.suse.com/1251242"},{"category":"external","summary":"Advisory link for RHSA-2025:19512","url":"https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-November/002167.html"},{"category":"external","summary":"Advisory link for RHSA-2025:19719","url":"https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-November/002181.html"}],"title":"SUSE CVE CVE-2025-61772","tracking":{"current_release_date":"2026-03-05T14:02:47Z","generator":{"date":"2025-10-07T23:25:19Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-61772","initial_release_date":"2025-10-07T23:25:19Z","revision_history":[{"date":"2025-10-07T23:25:19Z","number":"2","summary":"Current version"},{"date":"2025-10-10T23:22:55Z","number":"3","summary":"Current version"},{"date":"2025-11-05T07:31:36Z","number":"4","summary":"Current version"},{"date":"2025-11-06T00:24:02Z","number":"5","summary":"Current version"},{"date":"2025-11-07T00:24:13Z","number":"6","summary":"Current version"},{"date":"2025-12-17T00:27:22Z","number":"7","summary":"description changed"},{"date":"2025-12-19T00:27:11Z","number":"8","summary":"description changed"},{"date":"2026-03-05T14:02:47Z","number":"9","summary":"more updates released"}],"status":"interim","version":"9"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Liberty Linux 8","product":{"name":"SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8","product_identification_helper":{"cpe":"cpe:/o:suse:sll:8"}}},{"category":"product_name","name":"SUSE Liberty Linux 9","product":{"name":"SUSE Liberty Linux 9","product_id":"SUSE Liberty Linux 9","product_identification_helper":{"cpe":"cpe:/o:suse:sll:9"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Availability Extension 15 SP3","product":{"name":"SUSE Linux Enterprise High Availability Extension 15 SP3","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sle-ha:15:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Availability Extension 15 SP4","product":{"name":"SUSE Linux Enterprise High Availability Extension 15 SP4","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-ha:15:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Availability Extension 15 SP5","product":{"name":"SUSE Linux Enterprise High Availability Extension 15 SP5","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-ha:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Availability Extension 15 SP6","product":{"name":"SUSE Linux Enterprise High Availability Extension 15 SP6","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sle-ha:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Availability Extension 15 SP7","product":{"name":"SUSE Linux Enterprise High Availability Extension 15 SP7","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP7","product_identification_helper":{"cpe":"cpe:/o:suse:sle-ha:15:sp7"}}},{"category":"product_name","name":"openSUSE Leap 15.6","product":{"name":"openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.6"}}},{"category":"product_name","name":"openSUSE Tumbleweed","product":{"name":"openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed","product_identification_helper":{"cpe":"cpe:/o:opensuse:tumbleweed"}}},{"category":"product_version","name":"pcs-0.10.18-2.el8_10.7","product":{"name":"pcs-0.10.18-2.el8_10.7","product_id":"pcs-0.10.18-2.el8_10.7","product_identification_helper":{"purl":"pkg:rpm/suse/pcs@0.10.18-2.el8_10.7"}}},{"category":"product_version","name":"pcs-0.11.9-2.el9_6.2","product":{"name":"pcs-0.11.9-2.el9_6.2","product_id":"pcs-0.11.9-2.el9_6.2","product_identification_helper":{"purl":"pkg:rpm/suse/pcs@0.11.9-2.el9_6.2"}}},{"category":"product_version","name":"pcs-snmp-0.10.18-2.el8_10.7","product":{"name":"pcs-snmp-0.10.18-2.el8_10.7","product_id":"pcs-snmp-0.10.18-2.el8_10.7","product_identification_helper":{"purl":"pkg:rpm/suse/pcs-snmp@0.10.18-2.el8_10.7"}}},{"category":"product_version","name":"pcs-snmp-0.11.9-2.el9_6.2","product":{"name":"pcs-snmp-0.11.9-2.el9_6.2","product_id":"pcs-snmp-0.11.9-2.el9_6.2","product_identification_helper":{"purl":"pkg:rpm/suse/pcs-snmp@0.11.9-2.el9_6.2"}}},{"category":"product_version","name":"ruby2.5-rubygem-rack","product":{"name":"ruby2.5-rubygem-rack","product_id":"ruby2.5-rubygem-rack","product_identification_helper":{"cpe":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/ruby2.5-rubygem-rack@?upstream=rubygem-rack.src.rpm"}}},{"category":"product_version","name":"ruby2.5-rubygem-rack-1_6","product":{"name":"ruby2.5-rubygem-rack-1_6","product_id":"ruby2.5-rubygem-rack-1_6","product_identification_helper":{"purl":"pkg:rpm/suse/ruby2.5-rubygem@rack-1_6"}}},{"category":"product_version","name":"ruby2.5-rubygem-rack-doc","product":{"name":"ruby2.5-rubygem-rack-doc","product_id":"ruby2.5-rubygem-rack-doc","product_identification_helper":{"cpe":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/ruby2.5-rubygem-rack-doc@?upstream=rubygem-rack.src.rpm"}}},{"category":"product_version","name":"ruby2.5-rubygem-rack-doc-1_6","product":{"name":"ruby2.5-rubygem-rack-doc-1_6","product_id":"ruby2.5-rubygem-rack-doc-1_6","product_identification_helper":{"purl":"pkg:rpm/suse/ruby2.5-rubygem-rack@doc-1_6?upstream=rubygem-rack-doc-1_6.src.rpm"}}},{"category":"product_version","name":"ruby2.5-rubygem-rack-testsuite","product":{"name":"ruby2.5-rubygem-rack-testsuite","product_id":"ruby2.5-rubygem-rack-testsuite","product_identification_helper":{"cpe":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/ruby2.5-rubygem-rack-testsuite@?upstream=rubygem-rack.src.rpm"}}},{"category":"product_version","name":"ruby2.5-rubygem-rack-testsuite-1_6","product":{"name":"ruby2.5-rubygem-rack-testsuite-1_6","product_id":"ruby2.5-rubygem-rack-testsuite-1_6","product_identification_helper":{"purl":"pkg:rpm/suse/ruby2.5-rubygem-rack@testsuite-1_6?upstream=rubygem-rack-testsuite-1_6.src.rpm"}}},{"category":"product_version","name":"ruby3.4-rubygem-rack-2.2-2.2.19-1.1","product":{"name":"ruby3.4-rubygem-rack-2.2-2.2.19-1.1","product_id":"ruby3.4-rubygem-rack-2.2-2.2.19-1.1","product_identification_helper":{"purl":"pkg:rpm/suse/ruby3.4-rubygem-rack-2.2@2.2.19-1.1"}}},{"category":"product_version","name":"ruby4.0-rubygem-rack-2.2-2.2.22-1.1","product":{"name":"ruby4.0-rubygem-rack-2.2-2.2.22-1.1","product_id":"ruby4.0-rubygem-rack-2.2-2.2.22-1.1","product_identification_helper":{"purl":"pkg:rpm/suse/ruby4.0-rubygem-rack-2.2@2.2.22-1.1"}}},{"category":"product_version","name":"rubygem-rack","product":{"name":"rubygem-rack","product_id":"rubygem-rack","product_identification_helper":{"cpe":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/rubygem-rack@?upstream=rubygem-rack.src.rpm"}}},{"category":"product_version","name":"rubygem-rack-1_6","product":{"name":"rubygem-rack-1_6","product_id":"rubygem-rack-1_6","product_identification_helper":{"cpe":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/rubygem@rack-1_6"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"pcs-0.10.18-2.el8_10.7 as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:pcs-0.10.18-2.el8_10.7"},"product_reference":"pcs-0.10.18-2.el8_10.7","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"pcs-snmp-0.10.18-2.el8_10.7 as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:pcs-snmp-0.10.18-2.el8_10.7"},"product_reference":"pcs-snmp-0.10.18-2.el8_10.7","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"pcs-0.11.9-2.el9_6.2 as component of SUSE Liberty Linux 9","product_id":"SUSE Liberty Linux 9:pcs-0.11.9-2.el9_6.2"},"product_reference":"pcs-0.11.9-2.el9_6.2","relates_to_product_reference":"SUSE Liberty Linux 9"},{"category":"default_component_of","full_product_name":{"name":"pcs-snmp-0.11.9-2.el9_6.2 as component of SUSE Liberty Linux 9","product_id":"SUSE Liberty Linux 9:pcs-snmp-0.11.9-2.el9_6.2"},"product_reference":"pcs-snmp-0.11.9-2.el9_6.2","relates_to_product_reference":"SUSE Liberty Linux 9"},{"category":"default_component_of","full_product_name":{"name":"ruby3.4-rubygem-rack-2.2-2.2.19-1.1 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:ruby3.4-rubygem-rack-2.2-2.2.19-1.1"},"product_reference":"ruby3.4-rubygem-rack-2.2-2.2.19-1.1","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"ruby4.0-rubygem-rack-2.2-2.2.22-1.1 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:ruby4.0-rubygem-rack-2.2-2.2.22-1.1"},"product_reference":"ruby4.0-rubygem-rack-2.2-2.2.22-1.1","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP3","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP3:ruby2.5-rubygem-rack"},"product_reference":"ruby2.5-rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP3"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP3","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP3:rubygem-rack"},"product_reference":"rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP3"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP4","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP4:ruby2.5-rubygem-rack"},"product_reference":"ruby2.5-rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP4","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP4:rubygem-rack"},"product_reference":"rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP5","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP5:ruby2.5-rubygem-rack"},"product_reference":"ruby2.5-rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP5","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP5:rubygem-rack"},"product_reference":"rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP6","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP6:ruby2.5-rubygem-rack"},"product_reference":"ruby2.5-rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP6","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP6:rubygem-rack"},"product_reference":"rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP7","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP7:ruby2.5-rubygem-rack"},"product_reference":"ruby2.5-rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack as component of SUSE Linux Enterprise High Availability Extension 15 SP7","product_id":"SUSE Linux Enterprise High Availability Extension 15 SP7:rubygem-rack"},"product_reference":"rubygem-rack","relates_to_product_reference":"SUSE Linux Enterprise High Availability Extension 15 SP7"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:ruby2.5-rubygem-rack"},"product_reference":"ruby2.5-rubygem-rack","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack-doc as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:ruby2.5-rubygem-rack-doc"},"product_reference":"ruby2.5-rubygem-rack-doc","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack-testsuite as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:ruby2.5-rubygem-rack-testsuite"},"product_reference":"ruby2.5-rubygem-rack-testsuite","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:rubygem-rack"},"product_reference":"rubygem-rack","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack-1_6 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:ruby2.5-rubygem-rack-1_6"},"product_reference":"ruby2.5-rubygem-rack-1_6","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack-doc-1_6 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:ruby2.5-rubygem-rack-doc-1_6"},"product_reference":"ruby2.5-rubygem-rack-doc-1_6","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"ruby2.5-rubygem-rack-testsuite-1_6 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:ruby2.5-rubygem-rack-testsuite-1_6"},"product_reference":"ruby2.5-rubygem-rack-testsuite-1_6","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"rubygem-rack-1_6 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:rubygem-rack-1_6"},"product_reference":"rubygem-rack-1_6","relates_to_product_reference":"openSUSE Leap 15.6"}]},"vulnerabilities":[{"cve":"CVE-2025-61772","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-61772"}],"notes":[{"category":"general","text":"Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part's header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS). Attackers can send incomplete multipart headers to trigger high memory use, leading to process termination (OOM) or severe slowdown. The effect scales with request size limits and concurrency. All applications handling multipart uploads may be affected. Versions 2.2.19, 3.1.17, and 3.2.2 cap per-part header size (e.g., 64 KiB). As a workaround, restrict maximum request sizes at the proxy or web server layer (e.g., Nginx `client_max_body_size`).","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise High Availability Extension 15 SP3:ruby2.5-rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP3:rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP4:ruby2.5-rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP4:rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP5:ruby2.5-rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP5:rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP6:ruby2.5-rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP6:rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP7:ruby2.5-rubygem-rack","SUSE Linux Enterprise High Availability Extension 15 SP7:rubygem-rack","openSUSE Leap 15.6:ruby2.5-rubygem-rack","openSUSE Leap 15.6:ruby2.5-rubygem-rack-doc","openSUSE Leap 15.6:ruby2.5-rubygem-rack-testsuite","openSUSE Leap 15.6:rubygem-rack"],"known_not_affected":["openSUSE Leap 15.6:ruby2.5-rubygem-rack-1_6","openSUSE Leap 15.6:ruby2.5-rubygem-rack-doc-1_6","openSUSE Leap 15.6:ruby2.5-rubygem-rack-testsuite-1_6","openSUSE Leap 15.6:rubygem-rack-1_6"],"recommended":["SUSE Liberty Linux 8:pcs-0.10.18-2.el8_10.7","SUSE Liberty Linux 8:pcs-snmp-0.10.18-2.el8_10.7","SUSE Liberty Linux 9:pcs-0.11.9-2.el9_6.2","SUSE Liberty Linux 9:pcs-snmp-0.11.9-2.el9_6.2","openSUSE Tumbleweed:ruby3.4-rubygem-rack-2.2-2.2.19-1.1","openSUSE Tumbleweed:ruby4.0-rubygem-rack-2.2-2.2.22-1.1"]},"references":[{"category":"external","summary":"CVE-2025-61772","url":"https://www.suse.com/security/cve/CVE-2025-61772"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1251242 for CVE-2025-61772","url":"https://bugzilla.suse.com/1251242"},{"category":"external","summary":"Advisory link for RHSA-2025:19512","url":"https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-November/002167.html"},{"category":"external","summary":"Advisory link for RHSA-2025:19719","url":"https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-November/002181.html"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Liberty Linux 8:pcs-0.10.18-2.el8_10.7","SUSE Liberty Linux 8:pcs-snmp-0.10.18-2.el8_10.7","SUSE Liberty Linux 9:pcs-0.11.9-2.el9_6.2","SUSE Liberty Linux 9:pcs-snmp-0.11.9-2.el9_6.2","openSUSE Tumbleweed:ruby3.4-rubygem-rack-2.2-2.2.19-1.1","openSUSE Tumbleweed:ruby4.0-rubygem-rack-2.2-2.2.22-1.1"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Liberty Linux 8:pcs-0.10.18-2.el8_10.7","SUSE Liberty Linux 8:pcs-snmp-0.10.18-2.el8_10.7","SUSE Liberty Linux 9:pcs-0.11.9-2.el9_6.2","SUSE Liberty Linux 9:pcs-snmp-0.11.9-2.el9_6.2","openSUSE Tumbleweed:ruby3.4-rubygem-rack-2.2-2.2.19-1.1","openSUSE Tumbleweed:ruby4.0-rubygem-rack-2.2-2.2.22-1.1"]}],"threats":[{"category":"impact","date":"2025-10-07T16:02:36Z","details":"important"}],"title":"CVE-2025-61772"}]}