VYPR
Medium severityOSV Advisory· Published Nov 20, 2025· Updated Apr 15, 2026

CVE-2025-64185

CVE-2025-64185

Description

Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEM_PATH. Open OnDemand versions 4.0.8 and 3.1.16 have been patched for this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Osc/OndemandOSV2 versions
    v.3.1.3, v1.2.1, v1.3.0, …+ 1 more
    • (no CPE)range: v.3.1.3, v1.2.1, v1.3.0, …
    • (no CPE)range: <4.0.8, <3.1.16

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.