CVE-2025-65100

CVSS v4.0

6.9

Medium

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Isar versions 0.11-rc1 through 0.11

Description Isar is a system for automated root filesystem generation. In versions 0.11-rc1 and 0.11, defining the ISAR APT SNAPSHOT DATE variable alone does not correctly set the timestamp value for security distribution. This can result in missed security updates.

Recommendations Update to a version after the commit 738bcbb to address this issue.

Exploit

Fix

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-693

Related Identifiers

CVE-2025-65100

GHSA-3R9W-6CP6-7HM4

Affected Products

Isar

CVE-2025-65100

Weakness Enumeration

Related Identifiers

Affected Products

References · 9