{
  "threat_severity" : "Low",
  "public_date" : "2025-05-12T00:00:00Z",
  "bugzilla" : {
    "description" : "screen: File Existence Tests via Socket Lookup Error Messages",
    "id" : "2364202",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2364202"
  },
  "cvss3" : {
    "cvss3_base_score" : "3.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-497",
  "details" : [ "A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available.\nAffected are older Screen versions, as well as version 5.0.0.", "A flaw was found in Screen. It generates an error message that allows unprivileged users to deduce information about a path that should not be accessible." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "screen",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "screen",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-46804\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-46804" ],
  "name" : "CVE-2025-46804",
  "mitigation" : {
    "value" : "No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}