OpenSearch-Dashboards icon indicating copy to clipboard operation
OpenSearch-Dashboards copied to clipboard

Published 20 hours ago • verified publisher icon opensearch-project

[BUG] CVE-2025-25977 in 2.19.1 Docker image

Open hasselg opened this issue 8 months ago • 1 comments
trafficstars

Having trouble tracking the source of this down, but the Docker image published for OpenSearch-Dashboards 2.19.1 (image hash b1e6c5ac2b44) contains version canvg-3.0.10 inside of the plugins/reportsDashboard directory, which is the subject of CVE-2025-25977.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25977

hasselg avatar Mar 13 '25 17:03 hasselg