CVE-2025-6224 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-6224 Interim 1 4 2026-03-05T01:30:16Z current 2025-08-05T23:39:28Z 2026-03-05T01:30:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-6224 Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 16.0 openSUSE Tumbleweed govulncheck-vulndb-0.0.20250730T213748-1.1 govulncheck-vulndb-0.0.20250814T182633-160000.1.2 govulncheck-vulndb-0.0.20250814T182633-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 govulncheck-vulndb-0.0.20250730T213748-1.1 as a component of openSUSE Tumbleweed Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it. CVE-2025-6224 SUSE Linux Enterprise Server 16.0:govulncheck-vulndb-0.0.20250814T182633-160000.1.2 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1 moderate 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N