CVE-2025-22246

Source
https://cve.org/CVERecord?id=CVE-2025-22246
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22246.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-22246
Published
2025-05-13T06:15:35.827Z
Modified
2026-04-10T05:23:58.386902Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.

References

Affected packages

Git / github.com/cloudfoundry/cf-deployment

Affected ranges

Type
GIT
Repo
https://github.com/cloudfoundry/cf-deployment
Events
Database specific
{
    "versions": [
        {
            "introduced": "45.1.0"
        },
        {
            "fixed": "49.0.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/cloudfoundry/uaa-release
Events
Database specific
{
    "versions": [
        {
            "introduced": "77.21.0"
        },
        {
            "fixed": "77.32.0"
        }
    ]
}

Affected versions

v45.*
v45.1.0
v46.*
v46.0.0
v46.1.0
v46.2.0
v46.3.0
v46.4.0
v46.5.0
v46.6.0
v46.7.0
v47.*
v47.0.0
v47.1.0
v48.*
v48.0.0
v48.1.0
v48.10.0
v48.11.0
v48.2.0
v48.3.0
v48.4.0
v48.5.0
v48.6.0
v48.7.0
v48.8.0
v48.9.0
v77.*
v77.21.0
v77.22.0
v77.23.0
v77.24.0
v77.25.0
v77.26.0
v77.27.0
v77.28.0
v77.29.0
v77.30.0
v77.31.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22246.json"