Palo Alto Networks Security Advisories / PAN-SA-2025-0012

PAN-SA-2025-0012 Informational Bulletin: OSS CVEs Fixed in PAN-OS


Informational

JSON CSAF
Published 2025-07-09
Updated 2025-07-09
Discovered externally

Description

The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS. While it was not determined that these CVEs have any significant impact on PAN-OS, they have been fixed out of an abundance of caution.

CVESummary
CVE-2018-6594This CVE is fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, 12.1.2, and all later versions of PAN-OS
CVE-2018-25032This CVE is fixed in PAN-OS 10.1.7, 10.2.2, and all later versions of PAN-OS
CVE-2019-5827This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2019-13750This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2019-13751This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2019-19603This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2020-9283This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS.
CVE-2020-13434This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2020-13435This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2020-14040This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS.
CVE-2020-15358This CVE is fixed in PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2020-29652This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS.
CVE-2021-3572This CVE is fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, and all later versions of PAN-OS
CVE-2021-3712This CVE is fixed in PAN-OS 10.1.4, 10.2.4, and all later versions of PAN-OS
CVE-2021-20305This CVE is fixed in PAN-OS 10.2.11, 11.1.3, and all later versions of PAN-OS.
CVE-2021-27918This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS
CVE-2022-1962This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS
CVE-2022-25313This CVE is fixed in PAN-OS 10.2.14, 11.1.8, 11.2.8, and all later versions of PAN-OS
CVE-2022-25314This CVE is fixed in PAN-OS 10.2.14, 11.1.8, 11.2.8, and all later versions of PAN-OS
CVE-2022-28131This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS
CVE-2022-30633This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS
CVE-2023-3978This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS
CVE-2023-5752This CVE is fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, and all later versions of PAN-OS
CVE-2023-27536This CVE is fixed in PAN-OS 11.1.8, 11.2.5, and all later versions of PAN-OS.
CVE-2023-28321This CVE is fixed in PAN-OS 11.1.8, 11.2.5, and all later versions of PAN-OS.
CVE-2023-28322This CVE is fixed in PAN-OS 11.1.8, 11.2.5, and all later versions of PAN-OS.
CVE-2023-38546This CVE is fixed in PAN-OS 11.1.8, 11.2.5, and all later versions of PAN-OS.
CVE-2023-43804This CVE is fixed in PAN-OS 10.2.14, 11.1.5, 11.2.5, and all later versions of PAN-OS.
CVE-2023-46218This CVE is fixed in PAN-OS 11.1.8, 11.2.5, and all later versions of PAN-OS.
CVE-2023-52425This CVE is fixed in PAN-OS 10.2.14, 11.1.8, 11.2.8, and all later versions of PAN-OS.
CVE-2024-1086This CVE is fixed in PAN-OS 10.2.11, 11.1.5, 11.2.3, and all later versions of PAN-OS.
CVE-2024-12085This CVE is fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, 12.1.2, and all later versions of PAN-OS.
CVE-2024-34155This CVE is fixed in PAN-OS 11.2.5, and all later versions of PAN-OS.
CVE-2025-22871This CVE is fixed in PAN-OS 11.2.9, and all later versions of PAN-OS.
CVE-2025-27363This CVE is fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, 12.1.2, and all later versions of PAN-OS.
PRISMA-2022-0168This issue is fixed in PAN-OS 10.2.17, 11.1.11, 11.2.8, and all later versions of PAN-OS.

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Solution

The OSS CVEs are fixed in the respective PAN-OS versions.

CPE Applicability

Timeline

Initial Publication
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.