Medium severity4.0NVD Advisory· Published May 28, 2025· Updated Apr 15, 2026
CVE-2025-32803
CVE-2025-32803
Description
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords7 versionspkg:rpm/almalinux/kea-docpkg:rpm/opensuse/kea&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kea&distro=openSUSE%20Tumbleweedpkg:rpm/suse/kea&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kea&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/kea&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/kea&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6
< 2.6.3-1.el10_0+ 6 more
- (no CPE)range: < 2.6.3-1.el10_0
- (no CPE)range: < 2.6.3-150600.13.6.1
- (no CPE)range: < 2.6.3-1.1
- (no CPE)range: < 2.6.3-150700.3.3.5
- (no CPE)range: < 2.6.3-150700.3.3.5
- (no CPE)range: < 2.6.3-150600.13.6.1
- (no CPE)range: < 2.6.3-150600.13.6.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.