CVE-2025-65100
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-19

Last updated on: 2025-11-19

Assigner: GitHub, Inc.

Description
Isar is an integration system for automated root filesystem generation. In versions 0.11-rc1 and 0.11, defining ISAR_APT_SNAPSHOT_DATE alone does not set the correct timestamp value for security distribution, leading to missed security updates. This issue has been patched via commit 738bcbb.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-19
Last Modified
2025-11-19
Generated
2026-06-16
AI Q&A
2025-11-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65100
EUVD
EUVD-2025-198229
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
isar isar 0.11-rc1
isar isar 0.11
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in Isar versions 0.11-rc1 and 0.11, where defining the ISAR_APT_SNAPSHOT_DATE alone does not correctly set the timestamp for the security distribution. As a result, security updates may be missed because the system does not recognize the correct update time. This issue has been fixed in a later patch.

Impact Analysis

The vulnerability can lead to missed security updates in the root filesystem generated by Isar, potentially leaving the system exposed to known security issues that would otherwise be patched. This increases the risk of exploitation due to outdated security components.

Mitigation Strategies

To mitigate this vulnerability, update Isar to a version that includes the patch from commit 738bcbb, as this fixes the issue with incorrect timestamp values leading to missed security updates.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65100. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart