Are Trident 25.10 Deployments Affected by CVE-2023-45288 and CVE-2025-22872?
Applies to
- NetApp Astra Trident 25.10
- Kubernetes/OpenShift environments using Trident 25.10
- Security teams evaluating CVE-2023-45288 and CVE-2025-22872
Answer
Customers running Trident 25.10 reported that security scans flagged the following vulnerabilities:
- CVE-2023-45288
- CVE-2025-22872
-
CVE-2023-45288:
This vulnerability was fixed in Trident version 24.06.0 and later. If you are running Trident 25.10 or any version after 24.06.0, your deployment is not affected by CVE-2023-45288.
Reference: NetApp Security Advisory for CVE-2023-45288 -
CVE-2025-22872:
This CVE does not affect Trident.
Reference: NetApp Security Advisory for CVE-2025-22872
Additional Information
additionalInformation_text
