{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T04:15:33.316","vulnerabilities":[{"cve":{"id":"CVE-2025-7195","sourceIdentifier":"secalert@redhat.com","published":"2025-08-07T19:15:29.367","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. \n\nIn affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"references":[{"url":"https://access.redhat.com/errata/RHEA-2025:23406","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHEA-2025:23478","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHEA-2026:0129","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19332","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19958","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19961","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21368","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21885","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22415","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22416","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22418","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22420","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22683","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22684","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23528","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23529","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23542","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0627","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0718","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0722","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0737","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:2572","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:5633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-7195","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376300","source":"secalert@redhat.com"}]}}]}