CVE-2025-54471 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-54471 Interim 1 2 2025-12-23T00:18:13Z current 2025-11-01T00:17:20Z 2025-12-23T00:18:13Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-54471 NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://github.com/neuvector/neuvector/security/advisories/GHSA-h773-7gf7-9m2x E-Mail link for GHSA-h773-7gf7-9m2x https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed govulncheck-vulndb-0.0.20251105T184115-1.1 govulncheck-vulndb-0.0.20251105T184115-1.1 as a component of openSUSE Tumbleweed NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data. CVE-2025-54471 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20251105T184115-1.1 moderate 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N