CVE-2025-64185 – Open OnDemand RPM packages create world writable locations

CVE ID : CVE-2025-64185

Published : Nov. 20, 2025, 5:15 p.m. | 1 hour, 58 minutes ago

Description : Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEM_PATH. Open OnDemand versions 4.0.8 and 3.1.16 have been patched for this vulnerability.

Severity: 6.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…