cvelistV5 icon indicating copy to clipboard operation
cvelistV5 copied to clipboard
verified publisher icon CVEProject

CVE-2025-7195 is being constantly updated

Open lsdijk opened this issue 1 month ago • 2 comments

CVE-2025-7195 has been constantly updated for two weeks now - in essence, at least once every hour, 24/7. Sometimes there are no changes to the contents of this CVE when updated: only the update timestamp changes.

Anybody know why this CVE is being updated all the time? There seems to be no good reason to do so.

lsdijk avatar Nov 23 '25 17:11 lsdijk

Something is amiss with this CVE. It is updated at least once an hour, 24/7, the differences between two consecutive updates being typically like the following:

13c13
<       "dateUpdated": "2025-11-29T23:37:44.313Z"
---
>       "dateUpdated": "2025-11-30T00:37:49.200Z"
79c79
<                 "version": "sha256:1c49bf643ea000a0f92a1d93114a4a866ff51f47947c6a7102fb8e200ae57e8a",
---
>                 "version": "sha256:dd99548b21e36ba637fbf8e44f6062d2fec98abd536dba16e10475648664984e",
133c133
<                 "version": "sha256:d6daba3c061a1405e127105d9cd8d719bf793c3c375bdbdd839f0d0ae5517fe9",
---
>                 "version": "sha256:af41dc511a4fba130590c8528e555fa331d0fea3c617a3f942e98216900d6773",
169c169
<                 "version": "sha256:1a2ef170407505193e8d1ab4832ae0b945ec2fd9245c5a93134ce73f959ea34c",
---
>                 "version": "sha256:abaf77e6b461da4ae52774dfc2816c619c0bb9a2199024742ec173f3401c9981",
187c187
<                 "version": "sha256:53532c4f8a3328788f7ad9ce1de7e94fe3c590dcdf367e04a4e47c190a0d39c7",
---
>                 "version": "sha256:46a940727ab0bb654158deab9b9fa85a768b2fd6bdcf32f9eb0c0b061317be72",
205c205
<                 "version": "sha256:17ff83445d5f6c2296f1b5c5061734a7866c84f6951e140f194bb5a1b2c981a2",
---
>                 "version": "sha256:33ba95658e6628be853182a24007d0eef69c350f344e01d24296396eaba1e0e9",
223c223
<                 "version": "sha256:92dcf853dee08f8f68d43d6928df81e0e03cb95ed1c7b9035de089ec831ac12f",
---
>                 "version": "sha256:4f7a00583f8fe10b6fb076c75123c3fa49d9cfa0c89081d3bb39ed347f4c0993",
241c241
<                 "version": "sha256:c124e98be5de4a56ea655e4beca79f2858b32465fd20e07773e7a1395ab698bf",
---
>                 "version": "sha256:487d5f2fae53dde288db6981d2e6373d0be4ac440abc7683147d64fce28976de",
277c277
<                 "version": "sha256:c09f09d492589e985ade4c480b5bcefa5ee8d5fd819c6a4953d581f60b609738",
---
>                 "version": "sha256:495c95d1a2df101e0bf9c0eaa3caeb575f596d6098782c3a0a1dcb0342589886",
295c295
<                 "version": "sha256:2e11b27b9d6884dcb846865d632c141a038f85163b0c4db63a1f29cb8d277125",
---
>                 "version": "sha256:c1537bc0126b2cabce127ec3d719b9ea6341302cde316cf37f5348ae1e287124",
313c313
<                 "version": "sha256:5ad05f728a9409bccca7af882d0bb7161a2269d8336ad3e63c3236c9023e017a",
---
>                 "version": "sha256:4280a31c94268bb421798385104196fcbf69d6821344601af246fd087e93ca63",
331c331
<                 "version": "sha256:e9a01f91576307ab1e618ce7e4db1c116b2eb9701c5f5a48b0ad671fa57dc18d",
---
>                 "version": "sha256:857bfb293633ec85b774c07b2413f1e184155e5b7a5f63a99073ea419a671e17",
349c349
<                 "version": "sha256:ae7818eab65947f74badec716268053224a27b53d704d89c455380d54009c10c",
---
>                 "version": "sha256:f2b3e838d78b6bd89e5c9f401326d08696fb29b862fa99b701a3b0aa8b705fe4",
385c385
<                 "version": "sha256:1b56fc6c4b897bb8a62b1fa176af6bace8282b2de38e3e69b5673c5ae3e6848c",
---
>                 "version": "sha256:55dd4696828ab8a7546481b8124406d858b9a43563e14599d06f5e5b1ac030f5",
403c403
<                 "version": "sha256:1ff67f3ff46b59b86c2f29596008440da7da8d594005881c65d6d4ab645aefc6",
---
>                 "version": "sha256:b251e7b26d4a6f3443d6d795a4d92992b5f79d56e5561477648eabae286d7641",
439c439
<                 "version": "sha256:87f5569806a8960520bab78d69514f2e2061b2ad69040cf7c164a5037c27e6bf",
---
>                 "version": "sha256:e0d3839cbb1734c0e224e0c076c7c8b4d0e0888e31989b8a6a611418ea2c72bc",
493c493
<                 "version": "sha256:526abc72ccfa1729a5962911f92da64a3dda4a689421ecdb21c7ad2a049f53ef",
---
>                 "version": "sha256:2bd4927011a029a1dd7ba2baa2fdc759d431550879eddc8813d89cb44cdb2767",
511c511
<                 "version": "sha256:d40189f09ff39240e5e49412c1314d9911fcb957459c7496b215da8c9f758b8e",
---
>                 "version": "sha256:5aad1d226292a42c700e97575eec56040108869acdcb720a9c5b32d02a0035b3",
565c565
<                 "version": "sha256:7ea7c9adce3bb022e345cffcb939e4d4d03e44717ac32a00cbef60d3fb5eb2b3",
---
>                 "version": "sha256:b14c3a7c4cc6531ed0d9701fe1b07ddc8c85e702ef8b058f0eaaadb1e8852a04",
583c583
<                 "version": "sha256:c5e4d50a9c4ee10b0e7f9bba3d4d21bf479b19423ef3e0530a6637be85acc1ed",
---
>                 "version": "sha256:20c7a4f70f6000f204a3c53c153aaa3c08be94c98c09b90f538b2a19156a00e0",
601c601
<                 "version": "sha256:599bfb2b83e095f88d90a408d4e8bf66bf10070255c5d174ca9ed8668111d25f",
---
>                 "version": "sha256:bdfb055790f5c58fd4d5699cdcb07151f4be909d920f3243d4610b74183a961d",
619c619
<                 "version": "sha256:40f8584e7ed0be1742fc3d40ee639dfd5323e38c55c7fcae4146d4246abf6cf0",
---
>                 "version": "sha256:4da2afb698447df4a45a8bc1b479e57a5da7cd7a3ace09e131717a31155ec8a5",
637c637
<                 "version": "sha256:7c5b233911109f0a218b634d8d317229a3949b2ea5936b7ec91ebfcdd6f15060",
---
>                 "version": "sha256:116f99072859f76161266a538d92d7e19e3b463fc18e6084cf7faf7a6b311116",
655c655
<                 "version": "sha256:ea4c2c1e333eb04d8d5514d255336aa7f0d20fa462b595ebcadcf2929acf9909",
---
>                 "version": "sha256:053ad72159390ad37825015b051252dc162f46ebeeab4866e1568af1f0084cab",
673c673
<                 "version": "sha256:ca0284c10827905e1576ea0a01bb09425acbf96d30b2e556b34e22e2d0115196",
---
>                 "version": "sha256:eb4386e6dfb4a2277085dbc44190243c40d973b80e9985fe42378098eb35e6e7",
691c691
<                 "version": "sha256:1d10099e7b5e3a3c4444569f6af365f90494c71b758aad1dad53f5aecf788ca5",
---
>                 "version": "sha256:65c4003dfb7180e015ec74fe9e599bcc313501ab9b9c67d61fc59a68e6c89349",
709c709
<                 "version": "sha256:74b1659b62a5d75ef62f8fc46701445a51a1e78e8d7d96ccccab47cdd67acacb",
---
>                 "version": "sha256:2987990bc63fa58ced038084921bdf168a017bd0b94b296a7c79dc264388339a",
727c727
<                 "version": "sha256:25b4647a37692cde90c499460a62a78342827265992adc0740bef650028fc2df",
---
>                 "version": "sha256:fdb74e11ba60926cf6abfe7898ffec199d3efe07fb0273e794ba4e10c9f7ad70",
1474c1474
<           "dateUpdated": "2025-11-29T23:37:44.313Z"
---
>           "dateUpdated": "2025-11-30T00:37:49.200Z"

Nothing else ever changes between updates.

lsdijk avatar Nov 30 '25 16:11 lsdijk

For comparison, the vast majority of CVEs are updated once or twice, and very, very few have undergone more than ten updates. CVE-2025-7195 has been updated scores of times already only in the last few weeks.

lsdijk avatar Nov 30 '25 16:11 lsdijk

Looks like this might be intentional as they keep finding new versions of the product? See https://catalog.redhat.com/en/software/containers/odf4/mcg-rhel9-operator/63e59e422d6bc13251784052/history

You can try reaching out to the owning CNA Red Hat to see if they can do something about it.

M-nj avatar Dec 03 '25 15:12 M-nj

Thanks. What makes it weird is that it keeps happening literally all the time.

lsdijk avatar Dec 04 '25 14:12 lsdijk