{"affected":[{"ecosystem_specific":{"binaries":[{"glibc":"2.38-150600.14.32.1","glibc-32bit":"2.38-150600.14.32.1","glibc-devel":"2.38-150600.14.32.1","glibc-extra":"2.38-150600.14.32.1","glibc-i18ndata":"2.38-150600.14.32.1","glibc-info":"2.38-150600.14.32.1","glibc-lang":"2.38-150600.14.32.1","glibc-locale":"2.38-150600.14.32.1","glibc-locale-base":"2.38-150600.14.32.1","glibc-locale-base-32bit":"2.38-150600.14.32.1","glibc-profile":"2.38-150600.14.32.1","libnsl1":"2.38-150600.14.32.1","libnsl1-32bit":"2.38-150600.14.32.1","nscd":"2.38-150600.14.32.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP7","name":"glibc","purl":"pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.38-150600.14.32.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"glibc-devel-32bit":"2.38-150600.14.32.1","glibc-devel-static":"2.38-150600.14.32.1","glibc-utils":"2.38-150600.14.32.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP7","name":"glibc","purl":"pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.38-150600.14.32.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for glibc fixes the following issues:\n\n- CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen\n  search for libraries to load in LD_LIBRARY_PATH (bsc#1243317).\n","id":"SUSE-SU-2025:01702-2","modified":"2025-06-04T07:33:09Z","published":"2025-06-04T07:33:09Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202501702-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243317"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4802"}],"related":["CVE-2025-4802"],"summary":"Security update for glibc","upstream":["CVE-2025-4802"]}