{"id":"CVE-2025-22246","details":"Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.","modified":"2026-04-10T05:23:58.386902Z","published":"2025-05-13T06:15:35.827Z","references":[{"type":"ADVISORY","url":"https://www.cloudfoundry.org/blog/cve-2025-22246-uaa-private-key-exposure/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/cf-deployment","events":[{"introduced":"534c88ffbd02e16cba279f1ab17905dc99626e50"},{"fixed":"510377e96fe87e853f85054919f346315e0a0c9b"}],"database_specific":{"versions":[{"introduced":"45.1.0"},{"fixed":"49.0.0"}]}},{"type":"GIT","repo":"https://github.com/cloudfoundry/uaa-release","events":[{"introduced":"3f77f818e2e2ad359d32f7a1585f10a55c64760b"},{"fixed":"5cc41dd9f19f62984d99eba2166879af371832ac"}],"database_specific":{"versions":[{"introduced":"77.21.0"},{"fixed":"77.32.0"}]}}],"versions":["v45.1.0","v46.0.0","v46.1.0","v46.2.0","v46.3.0","v46.4.0","v46.5.0","v46.6.0","v46.7.0","v47.0.0","v47.1.0","v48.0.0","v48.1.0","v48.10.0","v48.11.0","v48.2.0","v48.3.0","v48.4.0","v48.5.0","v48.6.0","v48.7.0","v48.8.0","v48.9.0","v77.21.0","v77.22.0","v77.23.0","v77.24.0","v77.25.0","v77.26.0","v77.27.0","v77.28.0","v77.29.0","v77.30.0","v77.31.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22246.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}