Vulnerability in Linux Linux_kernel

CVE-2025-0589

In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which would retrieve some data from the associate…

EPSS: 0.003 (26.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-0589?
CVE-2025-0589 is a medium-severity vulnerability in Linux Linux_kernel, classified under CWE-648. CVSS score: 5.3/10. Published 2025-02-11.
How severe is CVE-2025-0589?
Medium severity. CVSS v3 base score is 5.3 out of 10.