{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"Medium" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"gdb security update", "category":"general", "title":"Synopsis" }, { "text":"An update for gdb is now available for openEuler-20.03-LTS-SP4", "category":"general", "title":"Summary" }, { "text":"GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed.\n\nSecurity Fix(es):\n\nA vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.(CVE-2025-11412)\n\nA weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.(CVE-2025-11840)", "category":"general", "title":"Description" }, { "text":"An update for gdb is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"Medium", "category":"general", "title":"Severity" }, { "text":"gdb", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-2625", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2625" }, { "summary":"CVE-2025-11412", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-11412&packageName=gdb" }, { "summary":"CVE-2025-11840", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-11840&packageName=gdb" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-11412" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-11840" }, { "summary":"openEuler-SA-2025-2625 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openEuler-SA-2025-2625.json" } ], "title":"An update for gdb is now available for openEuler-20.03-LTS-SP4", "tracking":{ "initial_release_date":"2025-11-12T14:57:08+08:00", "revision_history":[ { "date":"2025-11-12T14:57:08+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-11-12T14:57:08+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-11-12T14:57:08+08:00", "id":"openEuler-SA-2025-2625", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"openEuler-20.03-LTS-SP4", "name":"openEuler-20.03-LTS-SP4" }, "name":"openEuler-20.03-LTS-SP4", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-9.2-15.oe2003sp4.aarch64.rpm", "name":"gdb-9.2-15.oe2003sp4.aarch64.rpm" }, "name":"gdb-9.2-15.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-debuginfo-9.2-15.oe2003sp4.aarch64.rpm", "name":"gdb-debuginfo-9.2-15.oe2003sp4.aarch64.rpm" }, "name":"gdb-debuginfo-9.2-15.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-debugsource-9.2-15.oe2003sp4.aarch64.rpm", "name":"gdb-debugsource-9.2-15.oe2003sp4.aarch64.rpm" }, "name":"gdb-debugsource-9.2-15.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-gdbserver-9.2-15.oe2003sp4.aarch64.rpm", "name":"gdb-gdbserver-9.2-15.oe2003sp4.aarch64.rpm" }, "name":"gdb-gdbserver-9.2-15.oe2003sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-headless-9.2-15.oe2003sp4.aarch64.rpm", "name":"gdb-headless-9.2-15.oe2003sp4.aarch64.rpm" }, "name":"gdb-headless-9.2-15.oe2003sp4.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-9.2-15.oe2003sp4.src.rpm", "name":"gdb-9.2-15.oe2003sp4.src.rpm" }, "name":"gdb-9.2-15.oe2003sp4.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-9.2-15.oe2003sp4.x86_64.rpm", "name":"gdb-9.2-15.oe2003sp4.x86_64.rpm" }, "name":"gdb-9.2-15.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-debuginfo-9.2-15.oe2003sp4.x86_64.rpm", "name":"gdb-debuginfo-9.2-15.oe2003sp4.x86_64.rpm" }, "name":"gdb-debuginfo-9.2-15.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-debugsource-9.2-15.oe2003sp4.x86_64.rpm", "name":"gdb-debugsource-9.2-15.oe2003sp4.x86_64.rpm" }, "name":"gdb-debugsource-9.2-15.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-gdbserver-9.2-15.oe2003sp4.x86_64.rpm", "name":"gdb-gdbserver-9.2-15.oe2003sp4.x86_64.rpm" }, "name":"gdb-gdbserver-9.2-15.oe2003sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-headless-9.2-15.oe2003sp4.x86_64.rpm", "name":"gdb-headless-9.2-15.oe2003sp4.x86_64.rpm" }, "name":"gdb-headless-9.2-15.oe2003sp4.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"noarch", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4" }, "product_id":"gdb-help-9.2-15.oe2003sp4.noarch.rpm", "name":"gdb-help-9.2-15.oe2003sp4.noarch.rpm" }, "name":"gdb-help-9.2-15.oe2003sp4.noarch.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-9.2-15.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "name":"gdb-9.2-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-debuginfo-9.2-15.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "name":"gdb-debuginfo-9.2-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-debugsource-9.2-15.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "name":"gdb-debugsource-9.2-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-gdbserver-9.2-15.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "name":"gdb-gdbserver-9.2-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-headless-9.2-15.oe2003sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "name":"gdb-headless-9.2-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-9.2-15.oe2003sp4.src.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "name":"gdb-9.2-15.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-9.2-15.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "name":"gdb-9.2-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-debuginfo-9.2-15.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "name":"gdb-debuginfo-9.2-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-debugsource-9.2-15.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "name":"gdb-debugsource-9.2-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-gdbserver-9.2-15.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "name":"gdb-gdbserver-9.2-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-headless-9.2-15.oe2003sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "name":"gdb-headless-9.2-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-20.03-LTS-SP4", "product_reference":"gdb-help-9.2-15.oe2003sp4.noarch.rpm", "full_product_name":{ "product_id":"openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch", "name":"gdb-help-9.2-15.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2025-11412", "notes":[ { "text":"A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch" ], "details":"gdb security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2625" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-11412" }, { "cve":"CVE-2025-11840", "notes":[ { "text":"A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch" ], "details":"gdb security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2625" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.aarch64", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.src", "openEuler-20.03-LTS-SP4:gdb-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debuginfo-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-debugsource-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-gdbserver-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-headless-9.2-15.oe2003sp4.x86_64", "openEuler-20.03-LTS-SP4:gdb-help-9.2-15.oe2003sp4.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-11840" } ] }