SB20250711125 - Anolis OS update for container-tools:an8 module

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20250711125

SB20250711125 - Anolis OS update for container-tools:an8 module

Published: July 11, 2025

Security Bulletin ID SB20250711125
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2025-22871)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests when handling chunked data in net/http. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.


2) Improper Certificate Validation (CVE-ID: CVE-2025-6032)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. A remote attacker can perform MitM attack. 


Remediation

Install update from vendor's website.

References