Handcrafted repo metadata may cause arbitrary local files to be...

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation.

AI Analysis

Relative path traversal vulnerability in libzypp allowing remote attackers to overwrite files on the system

Basic Information

ID CVE-2026-25707

Source suse

Published Jun 29, 2026 at 10:04

Affected Product

Vendor SUSE

Product libzypp

Affected Versions SUSE libzypp 0

CWE Classification

CWE-23

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor SUSE

Product libzypp

Version before 17.38.10

References

{
    "lastseen": "",
    "description": "A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation.",
    "published": "2026-06-29T10:04:59.223Z",
    "modified": "2026-06-29T10:04:59.223Z",
    "type": "cve",
    "title": "Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp",
    "source": "suse",
    "references": "https://bugzilla.suse.com/show_bug.cgi?id=1259802\nhttps://github.com/openSUSE/libzypp/commit/f09feda7fca03c941218aab0bb161cc82b185b6b",
    "id": "CVE-2026-25707",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "SUSE libzypp 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "libzypp",
    "version": "0",
    "vendor": "SUSE",
    "ai_description": "Relative path traversal vulnerability in libzypp allowing remote attackers to overwrite files on the system",
    "ai_severity": "High",
    "ai_vendor": "SUSE",
    "ai_product": "libzypp",
    "ai_version": "before 17.38.10",
    "ai_score": 8.8
}

Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp_CVE-2026-25707