Msrc Cbl2 Mysql 8.0.44-2 On Cbl Mariner 2.0 vulnerabilities

CVE-2025-10966 [MEDIUM] missing SFTP host verification with wolfSSH missing SFTP host verification with wolfSSH Mariner: Mariner curl: curl Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2025-62813 [MEDIUM] CWE-158 LZ4 through 1.10.0 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4F_cr LZ4 through 1.10.0 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact when the application processes untrusted LZ4 frames. For example, LZ4F_createCDict_advanced in lib/lz4frame.c mishandles NULL checks. FAQ: