CVE-2025-58190 (GCVE-0-2025-58190)
Vulnerability from cvelistv5 – Published: 2026-02-05 17:48 – Updated: 2026-02-12 15:22
Title
Infinite parsing loop in golang.org/x/net
Summary
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-835 - Loop with Unreachable Exit Condition
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html | Affected: 0, < 0.45.0 (semver) | |
Credits
Guido Vranken
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-58190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-12T15:22:10.801204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T15:22:37.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "inRowIM"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.45.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Guido Vranken"
}
],
"descriptions": [
{
"lang": "en",
"value": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-835: Loop with Unreachable Exit Condition",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:48:44.693Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"url": "https://github.com/golang/vulndb/issues/4441"
},
{
"url": "https://go.dev/cl/709875"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4441"
}
],
"title": "Infinite parsing loop in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-58190",
"datePublished": "2026-02-05T17:48:44.693Z",
"dateReserved": "2025-08-27T14:50:58.692Z",
"dateUpdated": "2026-02-12T15:22:37.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-58190",
"date": "2026-07-01",
"epss": "0.00482",
"percentile": "0.3806"
}
}
}
SUSE-SU-2025:4444-1
Vulnerability from csaf_suse - Published: 2025-12-18 08:49 - Updated: 2025-12-18 08:49
Summary
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
grafana was updated from version 11.5.7 to 11.5.10:
- Security issues fixed:
* CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)
(bsc#1254113)
* CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)
* CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)
* CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)
- Other changes, new features and bugs fixed:
* Version 11.5.10:
+ Use forked wire from Grafana repository instead of external package (jsc#PED-14178)
+ Auth: Fix render user OAuth passthrough.
+ LDAP Authentication: Fix URL to propagate username context as parameter.
+ Plugins: Dependencies do not inherit parent URL for preinstall.
* Version 11.5.9:
+ Auditing: Document new options for recording datasource query request/response body.
+ Login: Fixed redirection after login when Grafana is served from subpath.
* Update to version 11.5.8:
+ No relevant changes
uyuni-tools:
- version 5.1.23-0
* Update the default tag to 5.1.1.1
- version 5.1.22-0
* Fix cobbler config migration to standalone files
* Fix generated DB certificate subject alternate names
- version 5.1.21-0
* Remove extraneous quotes when getting the running image (bsc#1249434)
Patchnames: SUSE-2025-4444,SUSE-MultiLinuxManagerTools-SLE-12-2025-4444
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.5 (Medium)
Affected products
Recommended
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
19 products
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
19 products
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
19 products
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngrafana was updated from version 11.5.7 to 11.5.10:\n\n- Security issues fixed:\n\n * CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)\n (bsc#1254113)\n * CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)\n * CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)\n * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n\n- Other changes, new features and bugs fixed:\n\n * Version 11.5.10:\n + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n + Auth: Fix render user OAuth passthrough.\n + LDAP Authentication: Fix URL to propagate username context as parameter.\n + Plugins: Dependencies do not inherit parent URL for preinstall.\n * Version 11.5.9:\n + Auditing: Document new options for recording datasource query request/response body.\n + Login: Fixed redirection after login when Grafana is served from subpath.\n * Update to version 11.5.8:\n + No relevant changes\n\nuyuni-tools:\n\n- version 5.1.23-0\n * Update the default tag to 5.1.1.1\n- version 5.1.22-0\n * Fix cobbler config migration to standalone files\n * Fix generated DB certificate subject alternate names\n- version 5.1.21-0\n * Remove extraneous quotes when getting the running image (bsc#1249434)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4444,SUSE-MultiLinuxManagerTools-SLE-12-2025-4444",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4444-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4444-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254444-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4444-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023608.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249434",
"url": "https://bugzilla.suse.com/1249434"
},
{
"category": "self",
"summary": "SUSE Bug 1250616",
"url": "https://bugzilla.suse.com/1250616"
},
{
"category": "self",
"summary": "SUSE Bug 1251454",
"url": "https://bugzilla.suse.com/1251454"
},
{
"category": "self",
"summary": "SUSE Bug 1251657",
"url": "https://bugzilla.suse.com/1251657"
},
{
"category": "self",
"summary": "SUSE Bug 1254113",
"url": "https://bugzilla.suse.com/1254113"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-12-18T08:49:35Z",
"generator": {
"date": "2025-12-18T08:49:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4444-1",
"initial_release_date": "2025-12-18T08:49:35Z",
"revision_history": [
{
"date": "2025-12-18T08:49:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.aarch64",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.aarch64",
"product_id": "grafana-11.5.10-120002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.aarch64",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.aarch64",
"product_id": "mgrctl-5.1.23-120002.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"product_id": "mgrctl-lang-5.1.23-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.ppc64le",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.ppc64le",
"product_id": "grafana-11.5.10-120002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.ppc64le",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.ppc64le",
"product_id": "mgrctl-5.1.23-120002.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.s390x",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.s390x",
"product_id": "grafana-11.5.10-120002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.s390x",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.s390x",
"product_id": "mgrctl-5.1.23-120002.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.x86_64",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.x86_64",
"product_id": "grafana-11.5.10-120002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.x86_64",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.x86_64",
"product_id": "mgrctl-5.1.23-120002.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.23-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2025:4446-1
Vulnerability from csaf_suse - Published: 2025-12-18 08:49 - Updated: 2025-12-18 08:49
Summary
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
grafana was updated from version 11.5.7 to 11.5.10:
- Security issues fixed:
* CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10) (bsc#1254113)
* CVE-2025-47911: Fix parsing HTML documents (version 11.5.10) (bsc#1251454)
* CVE-2025-58190: Fix excessive memory consumption (version 11.5.10) (bsc#1251657)
* CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)
- Other changes, new features and bugs fixed:
* Version 11.5.10:
+ Use forked wire from Grafana repository instead of external package (jsc#PED-14178)
+ Auth: Fix render user OAuth passthrough.
+ LDAP Authentication: Fix URL to propagate username context as parameter.
+ Plugins: Dependencies do not inherit parent URL for preinstall.
* Version 11.5.9:
+ Auditing: Document new options for recording datasource query request/response body.
+ Login: Fixed redirection after login when Grafana is served from subpath.
* Update to version 11.5.8:
+ No relevant changes
uyuni-tools:
- version 5.1.23-0
* Update the default tag to 5.1.1.1
- version 5.1.22-0
* Fix cobbler config migration to standalone files
* Fix generated DB certificate subject alternate names
- version 5.1.21-0
* Remove extraneous quotes when getting the running image (bsc#1249434)
Patchnames: SUSE-2025-4446,SUSE-MultiLinuxManagerTools-SLE-15-2025-4446,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-4446
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.5 (Medium)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch | — | | Vendor Fix |
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngrafana was updated from version 11.5.7 to 11.5.10:\n\n- Security issues fixed:\n\n * CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)\n (bsc#1254113)\n * CVE-2025-47911: Fix parsing HTML documents (version 11.5.10) (bsc#1251454)\n * CVE-2025-58190: Fix excessive memory consumption (version 11.5.10) (bsc#1251657)\n * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n\n- Other changes, new features and bugs fixed:\n\n * Version 11.5.10:\n + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n + Auth: Fix render user OAuth passthrough.\n + LDAP Authentication: Fix URL to propagate username context as parameter.\n + Plugins: Dependencies do not inherit parent URL for preinstall.\n * Version 11.5.9:\n + Auditing: Document new options for recording datasource query request/response body.\n + Login: Fixed redirection after login when Grafana is served from subpath.\n * Update to version 11.5.8:\n + No relevant changes\n\nuyuni-tools:\n\n- version 5.1.23-0\n * Update the default tag to 5.1.1.1\n- version 5.1.22-0\n * Fix cobbler config migration to standalone files\n * Fix generated DB certificate subject alternate names\n- version 5.1.21-0\n * Remove extraneous quotes when getting the running image (bsc#1249434)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4446,SUSE-MultiLinuxManagerTools-SLE-15-2025-4446,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-4446",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4446-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4446-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254446-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4446-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023607.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249434",
"url": "https://bugzilla.suse.com/1249434"
},
{
"category": "self",
"summary": "SUSE Bug 1250616",
"url": "https://bugzilla.suse.com/1250616"
},
{
"category": "self",
"summary": "SUSE Bug 1251454",
"url": "https://bugzilla.suse.com/1251454"
},
{
"category": "self",
"summary": "SUSE Bug 1251657",
"url": "https://bugzilla.suse.com/1251657"
},
{
"category": "self",
"summary": "SUSE Bug 1254113",
"url": "https://bugzilla.suse.com/1254113"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-12-18T08:49:58Z",
"generator": {
"date": "2025-12-18T08:49:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4446-1",
"initial_release_date": "2025-12-18T08:49:58Z",
"revision_history": [
{
"date": "2025-12-18T08:49:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.aarch64",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.aarch64",
"product_id": "grafana-11.5.10-150002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"product_id": "mgrctl-5.1.23-150002.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"product_id": "mgrctl-lang-5.1.23-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.ppc64le",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.ppc64le",
"product_id": "grafana-11.5.10-150002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"product_id": "mgrctl-5.1.23-150002.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.s390x",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.s390x",
"product_id": "grafana-11.5.10-150002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.s390x",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.s390x",
"product_id": "mgrctl-5.1.23-150002.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.x86_64",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.x86_64",
"product_id": "grafana-11.5.10-150002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"product_id": "mgrctl-5.1.23-150002.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15"
}
},
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2025:4479-1
Vulnerability from csaf_suse - Published: 2025-12-18 12:15 - Updated: 2025-12-18 12:15
Summary
Security update 4.3.16.2 for Multi-Linux Manager Server LTS
Severity
Moderate
Notes
Title of the patch: Security update 4.3.16.2 for Multi-Linux Manager Server LTS
Description of the patch: This update fixes the following issues:
release-notes-susemanager:
- Update to SUSE Manager 4.3.16.2
  * SUSE Linux Enterprise Server 15 SP6 LTSS channels enabled
  * CVEs Fixed:
    CVE-2025-11065, CVE-2025-64751, CVE-2025-47911, CVE-2025-58190
    CVE-2025-62349, CVE-2025-62348
  * Bugs mentioned:
    bsc#1237060, bsc#1241455, bsc#1250911, bsc#1251864, bsc#1253024
Patchnames: SUSE-2025-4479,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4479,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4479
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch | — | | Vendor Fix |
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch | — | | Vendor Fix |
| Unresolved product id: SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch | — | | Vendor Fix |
Threats
Impact
important
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 4.3.16.2 for Multi-Linux Manager Server LTS",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nrelease-notes-susemanager:\n\n- Update to SUSE Manager 4.3.16.2\n * SUSE Linux Enterprise Server 15 SP6 LTSS channels enabled\n * CVEs Fixed:\n CVE-2025-11065, CVE-2025-64751, CCVE-2025-47911, CVE-2025-58190\n CVE-2025-62349, CVE-2025-62348\n * Bugs mentioned:\n bsc#1237060, bsc#1241455, bsc#1250911, bsc#1251864, bsc#1253024\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4479,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4479,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4479",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4479-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4479-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254479-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4479-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023616.html"
},
{
"category": "self",
"summary": "SUSE Bug 1237060",
"url": "https://bugzilla.suse.com/1237060"
},
{
"category": "self",
"summary": "SUSE Bug 1241455",
"url": "https://bugzilla.suse.com/1241455"
},
{
"category": "self",
"summary": "SUSE Bug 1250911",
"url": "https://bugzilla.suse.com/1250911"
},
{
"category": "self",
"summary": "SUSE Bug 1251864",
"url": "https://bugzilla.suse.com/1251864"
},
{
"category": "self",
"summary": "SUSE Bug 1253024",
"url": "https://bugzilla.suse.com/1253024"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62348 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62349 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update 4.3.16.2 for Multi-Linux Manager Server LTS",
"tracking": {
"current_release_date": "2025-12-18T12:15:07Z",
"generator": {
"date": "2025-12-18T12:15:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4479-1",
"initial_release_date": "2025-12-18T12:15:07Z",
"revision_history": [
{
"date": "2025-12-18T12:15:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch",
"product": {
"name": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch",
"product_id": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"product": {
"name": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"product_id": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy LTS 4.3",
"product": {
"name": "SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server LTS 4.3",
"product": {
"name": "SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server-lts:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch"
},
"product_reference": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
},
"product_reference": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-62348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62348"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62348",
"url": "https://www.suse.com/security/cve/CVE-2025-62348"
},
{
"category": "external",
"summary": "SUSE Bug 1254256 for CVE-2025-62348",
"url": "https://bugzilla.suse.com/1254256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "important"
}
],
"title": "CVE-2025-62348"
},
{
"cve": "CVE-2025-62349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62349"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62349",
"url": "https://www.suse.com/security/cve/CVE-2025-62349"
},
{
"category": "external",
"summary": "SUSE Bug 1254257 for CVE-2025-62349",
"url": "https://bugzilla.suse.com/1254257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-62349"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2025:4482-1
Vulnerability from csaf_suse - Published: 2025-12-18 12:22 - Updated: 2025-12-18 12:22
Summary
Security update for grafana
Severity
Important
Notes
Title of the patch: Security update for grafana
Description of the patch: This update for grafana fixes the following issues:
grafana was updated from version 11.5.5 to 11.5.10:
- Security issues fixed:
* CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client (version 11.5.10)
(bsc#1254113)
* CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)
* CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)
* CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)
* CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735)
* CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736)
* CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (version 11.5.6)
(bsc#1245302)
- Other changes, new features and bugs fixed:
* Version 11.5.10:
+ Use forked wire from Grafana repository instead of external package (jsc#PED-14178)
+ Auth: Fix render user OAuth passthrough.
+ LDAP Authentication: Fix URL to propagate username context as parameter.
+ Plugins: Dependencies do not inherit parent URL for preinstall.
* Version 11.5.9:
+ Auditing: Document new options for recording datasource query request/response body.
+ Login: Fixed redirection after login when Grafana is served from subpath.
* Version 11.5.7:
+ Azure: Fixed legend formatting and resource name determination in template variable queries.
Patchnames: SUSE-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4482,openSUSE-SLE-15.6-2025-4482
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.6 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
4.2 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
32 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for grafana",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for grafana fixes the following issues:\n\ngrafana was updated from version 11.5.5 to 11.5.10:\n\n- Security issues fixed:\n\n * CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client (version 11.5.10)\n (bsc#1254113)\n * CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)\n * CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)\n * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735)\n * CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736)\n * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (version 11.5.6)\n (bsc#1245302)\n\n- Other changes, new features and bugs fixed:\n\n * Version 11.5.10:\n + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n + Auth: Fix render user OAuth passthrough.\n + LDAP Authentication: Fix URL to propagate username context as parameter.\n + Plugins: Dependencies do not inherit parent URL for preinstall.\n\n * Version 11.5.9:\n + Auditing: Document new options for recording datasource query request/response body.\n + Login: Fixed redirection after login when Grafana is served from subpath.\n\n * Version 11.5.7:\n + Azure: Fixed legend formatting and resource name determination in template variable queries.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4482,openSUSE-SLE-15.6-2025-4482",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4482-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4482-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254482-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4482-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023614.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245302",
"url": "https://bugzilla.suse.com/1245302"
},
{
"category": "self",
"summary": "SUSE Bug 1246735",
"url": "https://bugzilla.suse.com/1246735"
},
{
"category": "self",
"summary": "SUSE Bug 1246736",
"url": "https://bugzilla.suse.com/1246736"
},
{
"category": "self",
"summary": "SUSE Bug 1250616",
"url": "https://bugzilla.suse.com/1250616"
},
{
"category": "self",
"summary": "SUSE Bug 1251454",
"url": "https://bugzilla.suse.com/1251454"
},
{
"category": "self",
"summary": "SUSE Bug 1251657",
"url": "https://bugzilla.suse.com/1251657"
},
{
"category": "self",
"summary": "SUSE Bug 1254113",
"url": "https://bugzilla.suse.com/1254113"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6197 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update for grafana",
"tracking": {
"current_release_date": "2025-12-18T12:22:20Z",
"generator": {
"date": "2025-12-18T12:22:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4482-1",
"initial_release_date": "2025-12-18T12:22:20Z",
"revision_history": [
{
"date": "2025-12-18T12:22:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.aarch64",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64",
"product_id": "grafana-11.5.10-150200.3.80.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.ppc64le",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le",
"product_id": "grafana-11.5.10-150200.3.80.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.s390x",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.s390x",
"product_id": "grafana-11.5.10-150200.3.80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.x86_64",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64",
"product_id": "grafana-11.5.10-150200.3.80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-6023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6023"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.\n\nThe open redirect can be chained with path traversal vulnerabilities to achieve XSS.\n\nFixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6023",
"url": "https://www.suse.com/security/cve/CVE-2025-6023"
},
{
"category": "external",
"summary": "SUSE Bug 1246735 for CVE-2025-6023",
"url": "https://bugzilla.suse.com/1246735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "important"
}
],
"title": "CVE-2025-6023"
},
{
"cve": "CVE-2025-6197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6197"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6197",
"url": "https://www.suse.com/security/cve/CVE-2025-6197"
},
{
"category": "external",
"summary": "SUSE Bug 1246736 for CVE-2025-6197",
"url": "https://bugzilla.suse.com/1246736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-6197"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2026:0028-1
Vulnerability from csaf_suse - Published: 2026-01-05 12:53 - Updated: 2026-01-05 12:53
Summary
Security update for alloy
Severity
Important
Notes
Title of the patch: Security update for alloy
Description of the patch: This update for alloy fixes the following issues:
Upgrade to version 1.12.1.
Security issues fixed:
- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents
(bsc#1251509).
- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253609).
- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially
crafted input (bsc#1251716).
Other updates and bugfixes:
- Version 1.12.1:
* Bugfixes
- update to Beyla 2.7.10.
- Version 1.12.0:
* Breaking changes
- `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component
ID instead of the hostname as their instance label in their exported metrics.
* Features
- (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare's LogPush
jobs.
- (Experimental) Additions to experimental `database_observability.mysql` component:
- `explain_plans`
- collector now changes schema before returning the connection to the pool.
- collector now passes queries more permissively.
- enable `explain_plans` collector by default
- (Experimental) Additions to experimental `database_observability.postgres` component:
- `explain_plans`
- added the explain plan collector.
- collector now passes queries more permissively.
- `query_samples`
- add user field to wait events within `query_samples` collector.
- rework the query samples collector to buffer per-query execution state across scrapes and emit finalized
entries.
- process turned idle rows to calculate finalization times precisely and emit first seen idle rows.
- `query_details`
- escape queries coming from `pg_stat_statements` with quotes.
- enable `explain_plans` collector by default.
- safely generate `server_id` when UDP socket used for database connection.
- add table registry and include 'validated' in parsed table name logs.
- Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud
Pub/Sub topic.
- Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.
- Send remote config status to the remote server for the `remotecfg` service.
- Send effective config to the remote server for the `remotecfg` service.
- Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting
both the query ID and the full SQL statement. The new block includes one option to enable statement selection,
and another to configure the maximum length of the statement text.
- Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.
- Add `u_probe_links` & `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of
the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.
- Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to enable `ebpf-profiler` verbose mode.
- Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.
- Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular
expression.
- OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.
- See the upstream
[core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)
and
[contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)
changelogs for more details.
- A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them
into a Mimir instance.
- Mark `stage.windowsevent` block in the `loki.process` component as GA.
* Enhancements
- Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one
application from consuming the rate limit quota of others.
- Add support for TLS in components `loki.source.(awsfirehose|gcplog|heroku|api)`, `prometheus.receive_http` and
`pyroscope.receive_http`.
- Remove `SendSIGKILL=no` from unit files and recommendations.
- Reduce memory overhead of `prometheus.remote_write`'s WAL by lowering the size of the allocated series storage.
- Reduce lock wait/contention on the `labelstore.LabelStore` by removing unnecessary usage from
`prometheus.relabel`.
- `prometheus.exporter.postgres` dependency has been updated to v0.18.1.
- Update Beyla component to 2.7.8.
- Support delimiters in `stage.luhn`.
- `pyroscope.java`: update `async-profiler` to 4.2.
- `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.
- `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.
- `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata
labels for use by downstream components.
- Rework underlying framework of Alloy UI to use Vite instead of Create React App.
- Use POST requests for remote config requests to avoid hitting http2 header limits.
- `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after
`graceful_shutdown_timeout` has expired.
- `kubernetes.discovery`: Add support for attaching namespace metadata.
- Add `meta_cache_address` to `beyla.ebpf` component.
* Bugfixes
- Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.
- Fix direction of arrows for pyroscope components in UI graph.
- Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.
- Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.
- Fix issues with 'unknown series ref when trying to add exemplar' from `prometheus.remote_write` by allowing
series ref links to be updated if they change.
- Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node
filtering is enabled, preventing 'Index with name `field:spec.nodeName` does not exist' errors.
- Fix issue in `loki.source.file` where scheduling files could take too long.
- Fix `loki.write` no longer includes internal labels __.
- Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.
- `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to
true.
- `loki.source.file` has better support for non-UTF-8 encoded files.
- Fix the `loki.write` endpoint block's `enable_http2` attribute to actually affect the client.
- Optionally remove trailing newlines before appending entries in `stage.multiline`.
- `loki.source.api` no longer drops requests when relabel rules drop a specific stream.
Patchnames: SUSE-2026-28,SUSE-SLE-Module-Basesystem-15-SP7-2026-28
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for alloy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for alloy fixes the following issues:\n\nUpgrade to version 1.12.1.\n\nSecurity issues fixed:\n \n- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents\n (bsc#1251509).\n- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in\n response to a key listing or signing request (bsc#1253609).\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially\n crafted input (bsc#1251716).\n \nOther updates and bugfixes:\n \n- Version 1.12.1:\n * Bugfixes\n - update to Beyla 2.7.10.\n \n- Version 1.12.0:\n * Breaking changes\n - `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component\n ID instead of the hostname as their instance label in their exported metrics.\n * Features\n - (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare\u0027s LogPush\n jobs.\n - (Experimental) Additions to experimental `database_observability.mysql` component:\n - `explain_plans`\n - collector now changes schema before returning the connection to the pool.\n - collector now passes queries more permissively.\n - enable `explain_plans` collector by default\n - (Experimental) Additions to experimental `database_observability.postgres` component:\n - `explain_plans`\n - added the explain plan collector.\n - collector now passes queries more permissively.\n - `query_samples`\n - add user field to wait events within `query_samples` collector.\n - rework the query samples collector to buffer per-query execution state across scrapes and emit finalized\n entries.\n - process turned idle rows to calculate finalization times precisely and emit first seen idle rows.\n - `query_details`\n - escape queries coming from `pg_stat_statements` with quotes.\n - enable `explain_plans` collector by default.\n - safely 
generate `server_id` when UDP socket used for database connection.\n - add table registry and include \u0027validated\u0027 in parsed table name logs.\n - Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud\n Pub/Sub topic.\n - Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.\n - Send remote config status to the remote server for the `remotecfg` service.\n - Send effective config to the remote server for the `remotecfg` service.\n - Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting\n both the query ID and the full SQL statement. The new block includes one option to enable statement selection,\n and another to configure the maximum length of the statement text.\n - Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.\n - Add `u_probe_links` \u0026 `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of\n the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.\n - Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.\n - Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.\n - Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular\n expression.\n - OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.\n - See the upstream\n [core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)\n and\n [contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)\n changelogs for more details.\n - A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them\n into a Mimir instance.\n - Mark `stage.windowsevent` block 
in the `loki.process` component as GA.\n * Enhancements\n - Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one\n application from consuming the rate limit quota of others.\n - Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and\n `pyroscope.receive_http`.\n - Remove `SendSIGKILL=no` from unit files and recommendations.\n - Reduce memory overhead of `prometheus.remote_write`\u0027s WAL by lowering the size of the allocated series storage.\n - Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from\n `prometheus.relabel`.\n - `prometheus.exporter.postgres` dependency has been updated to v0.18.1.\n - Update Beyla component to 2.7.8.\n - Support delimiters in `stage.luhn`.\n - `pyroscope.java`: update `async-profiler` to 4.2.\n - `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.\n - `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.\n - `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata\n labels for use by downstream components.\n - Rework underlying framework of Alloy UI to use Vite instead of Create React App.\n - Use POST requests for remote config requests to avoid hitting http2 header limits.\n - `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after\n `graceful_shutdown_timeout` has expired.\n - `kubernetes.discovery`: Add support for attaching namespace metadata.\n - Add `meta_cache_address` to `beyla.ebpf` component.\n * Bugfixes\n - Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.\n - Fix direction of arrows for pyroscope components in UI graph.\n - Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.\n - Fix `prometheus.exporter.process` ignoring 
the `remove_empty_groups` argument.\n - Fix issues with \u0027unknown series ref when trying to add exemplar\u0027 from `prometheus.remote_write` by allowing\n series ref links to be updated if they change.\n - Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node\n filtering is enabled, preventing \u0027Index with name `field:spec.nodeName` does not exist\u0027 errors.\n - Fix issue in `loki.source.file` where scheduling files could take too long.\n - Fix `loki.write` no longer includes internal labels __.\n - Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.\n - `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to\n true.\n - `loki.source.file` has better support for non-UTF-8 encoded files.\n - Fix the `loki.write` endpoint block\u0027s `enable_http2` attribute to actually affect the client.\n - Optionally remove trailing newlines before appending entries in `stage.multiline`.\n - `loki.source.api` no longer drops request when relabel rules drops a specific stream.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-28,SUSE-SLE-Module-Basesystem-15-SP7-2026-28",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0028-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0028-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260028-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0028-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023680.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251509",
"url": "https://bugzilla.suse.com/1251509"
},
{
"category": "self",
"summary": "SUSE Bug 1251716",
"url": "https://bugzilla.suse.com/1251716"
},
{
"category": "self",
"summary": "SUSE Bug 1253609",
"url": "https://bugzilla.suse.com/1253609"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for alloy",
"tracking": {
"current_release_date": "2026-01-05T12:53:11Z",
"generator": {
"date": "2026-01-05T12:53:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0028-1",
"initial_release_date": "2026-01-05T12:53:11Z",
"revision_history": [
{
"date": "2026-01-05T12:53:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.aarch64",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.aarch64",
"product_id": "alloy-1.12.1-150700.15.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.ppc64le",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.ppc64le",
"product_id": "alloy-1.12.1-150700.15.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.s390x",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.s390x",
"product_id": "alloy-1.12.1-150700.15.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.x86_64",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.x86_64",
"product_id": "alloy-1.12.1-150700.15.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-05T12:53:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-05T12:53:11Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-05T12:53:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:0580-1
Vulnerability from csaf_suse - Published: 2026-02-19 11:38 - Updated: 2026-02-19 11:38
Summary
Security update for apptainer
Severity
Moderate
Notes
Title of the patch: Security update for apptainer
Description of the patch: This update for apptainer fixes the following issues:
- CVE-2025-58190: Fixed a HTML parser misimplementation of a part of the HTML specification for table related tags. (bsc#1258048).
- CVE-2025-47911: Fixed an issue where the HTML parser takes a very long time or even never returns. (bsc#1258047).
Patchnames: SUSE-2026-580,SUSE-SLE-Module-HPC-15-SP7-2026-580,openSUSE-SLE-15.6-2026-580
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch | — | | Vendor Fix |
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apptainer",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apptainer fixes the following issues:\n\n- CVE-2025-58190: Fixed a HTML parser misimplementation of a part of the HTML specification for table related tags. (bsc#1258048).\n- CVE-2025-47911: Fixed an issue where the HTML parser takes a very long time or even never returns. (bsc#1258047).\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-580,SUSE-SLE-Module-HPC-15-SP7-2026-580,openSUSE-SLE-15.6-2026-580",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0580-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0580-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260580-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0580-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024353.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253924",
"url": "https://bugzilla.suse.com/1253924"
},
{
"category": "self",
"summary": "SUSE Bug 1258047",
"url": "https://bugzilla.suse.com/1258047"
},
{
"category": "self",
"summary": "SUSE Bug 1258048",
"url": "https://bugzilla.suse.com/1258048"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for apptainer",
"tracking": {
"current_release_date": "2026-02-19T11:38:08Z",
"generator": {
"date": "2026-02-19T11:38:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0580-1",
"initial_release_date": "2026-02-19T11:38:08Z",
"revision_history": [
{
"date": "2026-02-19T11:38:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-150600.4.15.1.aarch64",
"product": {
"name": "apptainer-1.4.5-150600.4.15.1.aarch64",
"product_id": "apptainer-1.4.5-150600.4.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-150600.4.15.1.noarch",
"product": {
"name": "apptainer-leap-1.4.5-150600.4.15.1.noarch",
"product_id": "apptainer-leap-1.4.5-150600.4.15.1.noarch"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_6-1.4.5-150600.4.15.1.noarch",
"product": {
"name": "apptainer-sle15_6-1.4.5-150600.4.15.1.noarch",
"product_id": "apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"product": {
"name": "apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"product_id": "apptainer-sle15_7-1.4.5-150600.4.15.1.noarch"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-150600.4.15.1.noarch",
"product": {
"name": "apptainer-sle16-1.4.5-150600.4.15.1.noarch",
"product_id": "apptainer-sle16-1.4.5-150600.4.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-150600.4.15.1.x86_64",
"product": {
"name": "apptainer-1.4.5-150600.4.15.1.x86_64",
"product_id": "apptainer-1.4.5-150600.4.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for HPC 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-hpc:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-150600.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64"
},
"product_reference": "apptainer-1.4.5-150600.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-150600.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64"
},
"product_reference": "apptainer-1.4.5-150600.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-150600.4.15.1.noarch as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch"
},
"product_reference": "apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-150600.4.15.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64"
},
"product_reference": "apptainer-1.4.5-150600.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-150600.4.15.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64"
},
"product_reference": "apptainer-1.4.5-150600.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-150600.4.15.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch"
},
"product_reference": "apptainer-leap-1.4.5-150600.4.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_6-1.4.5-150600.4.15.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
},
"product_reference": "apptainer-sle15_6-1.4.5-150600.4.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64",
"openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64",
"openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64",
"openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T11:38:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64",
"openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64",
"openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-1.4.5-150600.4.15.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:apptainer-sle15_7-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.aarch64",
"openSUSE Leap 15.6:apptainer-1.4.5-150600.4.15.1.x86_64",
"openSUSE Leap 15.6:apptainer-leap-1.4.5-150600.4.15.1.noarch",
"openSUSE Leap 15.6:apptainer-sle15_6-1.4.5-150600.4.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T11:38:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:20089-1
Vulnerability from csaf_suse - Published: 2026-01-15 17:57 - Updated: 2026-01-15 17:57
Summary
Security update for alloy
Severity
Important
Notes
Title of the patch: Security update for alloy
Description of the patch: This update for alloy fixes the following issues:
Upgrade to version 1.12.1.
Security issues fixed:
- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents
(bsc#1251509).
- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially
crafted input (bsc#1251716).
- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253609).
Other updates and bugfixes:
- Version 1.12.1:
* Bugfixes
- update to Beyla 2.7.10.
- Version 1.12.0:
* Breaking changes
- `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component
ID instead of the hostname as their instance label in their exported metrics.
* Features
- (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare's LogPush
jobs.
- (Experimental) Additions to experimental `database_observability.mysql` component:
- `explain_plans`
- collector now changes schema before returning the connection to the pool.
- collector now passes queries more permissively.
- enable `explain_plans` collector by default
- (Experimental) Additions to experimental `database_observability.postgres` component:
- `explain_plans`
- added the explain plan collector.
- collector now passes queries more permissively.
- `query_samples`
- add user field to wait events within `query_samples` collector.
- rework the query samples collector to buffer per-query execution state across scrapes and emit finalized
entries.
- process turned idle rows to calculate finalization times precisely and emit first seen idle rows.
- `query_details`
- escape queries coming from `pg_stat_statements` with quotes.
- enable `explain_plans` collector by default.
- safely generate `server_id` when UDP socket used for database connection.
- add table registry and include "validated" in parsed table name logs.
- Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud
Pub/Sub topic.
- Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.
- Send remote config status to the remote server for the `remotecfg` service.
- Send effective config to the remote server for the `remotecfg` service.
- Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting
both the query ID and the full SQL statement. The new block includes one option to enable statement selection,
and another to configure the maximum length of the statement text.
- Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.
- Add `u_probe_links` & `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of
the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.
- Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to enable `ebpf-profiler` verbose mode.
- Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.
- Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular
expression.
- OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.
- See the upstream
[core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)
and
[contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)
changelogs for more details.
- A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them
into a Mimir instance.
- Mark `stage.windowsevent` block in the `loki.process` component as GA.
* Enhancements
- Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one
application from consuming the rate limit quota of others.
- Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and
`pyroscope.receive_http`.
- Remove `SendSIGKILL=no` from unit files and recommendations.
- Reduce memory overhead of `prometheus.remote_write`'s WAL by lowering the size of the allocated series storage.
- Reduce lock wait/contention on the `labelstore.LabelStore` by removing unnecessary usage from
`prometheus.relabel`.
- `prometheus.exporter.postgres` dependency has been updated to v0.18.1.
- Update Beyla component to 2.7.8.
- Support delimiters in `stage.luhn`.
- `pyroscope.java`: update `async-profiler` to 4.2.
- `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.
- `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.
- `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata
labels for use by downstream components.
- Rework underlying framework of Alloy UI to use Vite instead of Create React App.
- Use POST requests for remote config requests to avoid hitting http2 header limits.
- `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after
`graceful_shutdown_timeout` has expired.
- `kubernetes.discovery`: Add support for attaching namespace metadata.
- Add `meta_cache_address` to `beyla.ebpf` component.
* Bugfixes
- Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.
- Fix direction of arrows for pyroscope components in UI graph.
- Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.
- Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.
- Fix issues with "unknown series ref when trying to add exemplar" from `prometheus.remote_write` by allowing
series ref links to be updated if they change.
- Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node
filtering is enabled, preventing "Index with name `field:spec.nodeName` does not exist" errors.
- Fix issue in `loki.source.file` where scheduling files could take too long.
- Fix `loki.write` no longer includes internal labels __.
- Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.
- `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to
true.
- `loki.source.file` has better support for non-UTF-8 encoded files.
- Fix the `loki.write` endpoint block's `enable_http2` attribute to actually affect the client.
- Optionally remove trailing newlines before appending entries in `stage.multiline`.
- `loki.source.api` no longer drops request when relabel rules drops a specific stream.
Patchnames: SUSE-SLES-16.0-149
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for alloy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for alloy fixes the following issues:\n\nUpgrade to version 1.12.1.\n\n\nSecurity issues fixed:\n\n- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents\n (bsc#1251509).\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially\n crafted input (bsc#1251716).\n- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in\n response to a key listing or signing request (bsc#1253609).\n\nOther updates and bugfixes:\n\n- Version 1.12.1:\n * Bugfixes\n - update to Beyla 2.7.10.\n\n- Version 1.12.0:\n * Breaking changes\n - `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component\n ID instead of the hostname as their instance label in their exported metrics.\n * Features\n - (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare\u0027s LogPush\n jobs.\n - (Experimental) Additions to experimental `database_observability.mysql` component:\n - `explain_plans`\n - collector now changes schema before returning the connection to the pool.\n - collector now passes queries more permissively.\n - enable `explain_plans` collector by default\n - (Experimental) Additions to experimental `database_observability.postgres` component:\n - `explain_plans`\n - added the explain plan collector.\n - collector now passes queries more permissively.\n - `query_samples`\n - add user field to wait events within `query_samples` collector.\n - rework the query samples collector to buffer per-query execution state across scrapes and emit finalized\n entries.\n - process turned idle rows to calculate finalization times precisely and emit first seen idle rows.\n - `query_details`\n - escape queries coming from `pg_stat_statements` with quotes.\n - enable `explain_plans` collector by default.\n - safely 
generate `server_id` when UDP socket used for database connection.\n - add table registry and include \"validated\" in parsed table name logs.\n - Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud\n Pub/Sub topic.\n - Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.\n - Send remote config status to the remote server for the `remotecfg` service.\n - Send effective config to the remote server for the `remotecfg` service.\n - Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting\n both the query ID and the full SQL statement. The new block includes one option to enable statement selection,\n and another to configure the maximum length of the statement text.\n - Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.\n - Add `u_probe_links` \u0026 `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of\n the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.\n - Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.\n - Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.\n - Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular\n expression.\n - OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.\n - See the upstream\n [core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)\n and\n [contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)\n changelogs for more details.\n - A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them\n into a Mimir instance.\n - Mark `stage.windowsevent` block in the 
`loki.process` component as GA.\n * Enhancements\n - Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one\n application from consuming the rate limit quota of others.\n - Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and\n `pyroscope.receive_http`.\n - Remove `SendSIGKILL=no` from unit files and recommendations.\n - Reduce memory overhead of `prometheus.remote_write`\u0027s WAL by lowering the size of the allocated series storage.\n - Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from\n `prometheus.relabel`.\n - `prometheus.exporter.postgres` dependency has been updated to v0.18.1.\n - Update Beyla component to 2.7.8.\n - Support delimiters in `stage.luhn`.\n - `pyroscope.java`: update `async-profiler` to 4.2.\n - `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.\n - `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.\n - `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata\n labels for use by downstream components.\n - Rework underlying framework of Alloy UI to use Vite instead of Create React App.\n - Use POST requests for remote config requests to avoid hitting http2 header limits.\n - `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after\n `graceful_shutdown_timeout` has expired.\n - `kubernetes.discovery`: Add support for attaching namespace metadata.\n - Add `meta_cache_address` to `beyla.ebpf` component.\n * Bugfixes\n - Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.\n - Fix direction of arrows for pyroscope components in UI graph.\n - Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.\n - Fix `prometheus.exporter.process` ignoring the 
`remove_empty_groups` argument.\n - Fix issues with \"unknown series ref when trying to add exemplar\" from `prometheus.remote_write` by allowing\n series ref links to be updated if they change.\n - Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node\n filtering is enabled, preventing \"Index with name `field:spec.nodeName` does not exist\" errors.\n - Fix issue in `loki.source.file` where scheduling files could take too long.\n - Fix `loki.write` no longer includes internal labels __.\n - Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.\n - `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to\n true.\n - `loki.source.file` has better support for non-UTF-8 encoded files.\n - Fix the `loki.write` endpoint block\u0027s `enable_http2` attribute to actually affect the client.\n - Optionally remove trailing newlines before appending entries in `stage.multiline`.\n - `loki.source.api` no longer drops request when relabel rules drops a specific stream.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-149",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20089-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20089-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620089-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20089-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023811.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251509",
"url": "https://bugzilla.suse.com/1251509"
},
{
"category": "self",
"summary": "SUSE Bug 1251716",
"url": "https://bugzilla.suse.com/1251716"
},
{
"category": "self",
"summary": "SUSE Bug 1253609",
"url": "https://bugzilla.suse.com/1253609"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for alloy",
"tracking": {
"current_release_date": "2026-01-15T17:57:53Z",
"generator": {
"date": "2026-01-15T17:57:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20089-1",
"initial_release_date": "2026-01-15T17:57:53Z",
"revision_history": [
{
"date": "2026-01-15T17:57:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.aarch64",
"product": {
"name": "alloy-1.12.1-160000.1.1.aarch64",
"product_id": "alloy-1.12.1-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.ppc64le",
"product": {
"name": "alloy-1.12.1-160000.1.1.ppc64le",
"product_id": "alloy-1.12.1-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.s390x",
"product": {
"name": "alloy-1.12.1-160000.1.1.s390x",
"product_id": "alloy-1.12.1-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.x86_64",
"product": {
"name": "alloy-1.12.1-160000.1.1.x86_64",
"product_id": "alloy-1.12.1-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64"
},
"product_reference": "alloy-1.12.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le"
},
"product_reference": "alloy-1.12.1-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x"
},
"product_reference": "alloy-1.12.1-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64"
},
"product_reference": "alloy-1.12.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64"
},
"product_reference": "alloy-1.12.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le"
},
"product_reference": "alloy-1.12.1-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x"
},
"product_reference": "alloy-1.12.1-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
},
"product_reference": "alloy-1.12.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:57:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:57:53Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:57:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:20176-1
Vulnerability from csaf_suse - Published: 2026-01-29 15:32 - Updated: 2026-01-29 15:32
Summary
Security update for elemental-register, elemental-toolkit
Severity
Important
Notes
Title of the patch: Security update for elemental-register, elemental-toolkit
Description of the patch: This update for elemental-register, elemental-toolkit fixes the following issues:
elemental-register was updated to 1.8.1:
Changes on top of v1.8.1:
* Update headers to 2026
* Update questions to include SL Micro 6.2
Update to v1.8.1:
* Install yip config files in before-install step
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
  This includes few CVE fixes:
  * bsc#1241826 (CVE-2025-22872)
  * bsc#1241857 (CVE-2025-22872)
  * bsc#1251511 (CVE-2025-47911)
  * bsc#1251679 (CVE-2025-58190)
elemental-toolkit was updated to v2.3.2:
* Bump golang.org/x/crypto library
  This includes few CVE fixes:
  * bsc#1241826 (CVE-2025-22872)
  * bsc#1241857 (CVE-2025-22872)
  * bsc#1251511 (CVE-2025-47911)
  * bsc#1251679 (CVE-2025-58190)
  * bsc#1253581 (CVE-2025-47913)
  * bsc#1253901 (CVE-2025-58181)
  * bsc#1254079 (CVE-2025-47914)
Patchnames: SUSE-SL-Micro-6.2-217
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64 | — | Vendor Fix | |
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for elemental-register, elemental-toolkit",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for elemental-register, elemental-toolkit fixes the following issues:\n\nelemental-register was updated to 1.8.1:\n\nChanges on top of v1.8.1:\n\n * Update headers to 2026\n * Update questions to include SL Micro 6.2\n\nUpdate to v1.8.1:\n\n * Install yip config files in before-install step\n * Bump github.com/rancher-sandbox/go-tpm and its dependencies\n This includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n\nelemental-toolkit was updated to v2.3.2:\n\n * Bump golang.org/x/crypto library\n This includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n * bsc#1253581 (CVE-2025-47913)\n * bsc#1253901 (CVE-2025-58181)\n * bsc#1254079 (CVE-2025-47914)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-217",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20176-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20176-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620176-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20176-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024007.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241826",
"url": "https://bugzilla.suse.com/1241826"
},
{
"category": "self",
"summary": "SUSE Bug 1241857",
"url": "https://bugzilla.suse.com/1241857"
},
{
"category": "self",
"summary": "SUSE Bug 1251511",
"url": "https://bugzilla.suse.com/1251511"
},
{
"category": "self",
"summary": "SUSE Bug 1251679",
"url": "https://bugzilla.suse.com/1251679"
},
{
"category": "self",
"summary": "SUSE Bug 1253581",
"url": "https://bugzilla.suse.com/1253581"
},
{
"category": "self",
"summary": "SUSE Bug 1253901",
"url": "https://bugzilla.suse.com/1253901"
},
{
"category": "self",
"summary": "SUSE Bug 1254079",
"url": "https://bugzilla.suse.com/1254079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for elemental-register, elemental-toolkit",
"tracking": {
"current_release_date": "2026-01-29T15:32:26Z",
"generator": {
"date": "2026-01-29T15:32:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20176-1",
"initial_release_date": "2026-01-29T15:32:26Z",
"revision_history": [
{
"date": "2026-01-29T15:32:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.8.1-160000.1.1.aarch64",
"product": {
"name": "elemental-register-1.8.1-160000.1.1.aarch64",
"product_id": "elemental-register-1.8.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.8.1-160000.1.1.aarch64",
"product": {
"name": "elemental-support-1.8.1-160000.1.1.aarch64",
"product_id": "elemental-support-1.8.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.8.1-160000.1.1.x86_64",
"product": {
"name": "elemental-register-1.8.1-160000.1.1.x86_64",
"product_id": "elemental-register-1.8.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.8.1-160000.1.1.x86_64",
"product": {
"name": "elemental-support-1.8.1-160000.1.1.x86_64",
"product_id": "elemental-support-1.8.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.8.1-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64"
},
"product_reference": "elemental-register-1.8.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.8.1-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64"
},
"product_reference": "elemental-register-1.8.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.8.1-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64"
},
"product_reference": "elemental-support-1.8.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.8.1-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64"
},
"product_reference": "elemental-support-1.8.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:20244-1
Vulnerability from csaf_suse - Published: 2026-01-15 11:08 - Updated: 2026-01-15 11:08
Summary
Security update for elemental-toolkit, elemental-operator
Severity
Important
Notes
Title of the patch: Security update for elemental-toolkit, elemental-operator
Description of the patch: This update for elemental-toolkit, elemental-operator fixes the following issues:

elemental-operator:

- Update to version 1.6.10:
  * Remove 'latest' tag as this overlaps with the latest branch
  * Bump github.com/rancher-sandbox/go-tpm and its dependencies
    This bump includes fixes to some CVEs:
    * bsc#1241826 (CVE-2025-22872)
    * bsc#1241857 (CVE-2025-22872)
    * bsc#1251511 (CVE-2025-47911)
    * bsc#1251679 (CVE-2025-58190)

elemental-toolkit:

- Update to version 2.1.5:
  * Update headers for new year 2026
  * Disable selinux in installer media
- Update to version 2.1.4:
  * Remove leftovers in installer integration test
  * Bump to build against go 1.24
  * Bump golang.org/x/crypto library
    This bump includes fixes to some CVEs:
    * bsc#1241826 (CVE-2025-22872)
    * bsc#1241857 (CVE-2025-22872)
    * bsc#1251511 (CVE-2025-47911)
    * bsc#1251679 (CVE-2025-58190)
    * bsc#1253581 (CVE-2025-47913)
    * bsc#1253901 (CVE-2025-58181)
    * bsc#1254079 (CVE-2025-47914)
Patchnames: SUSE-SLE-Micro-6.0-561
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for elemental-toolkit, elemental-operator",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for elemental-toolkit, elemental-operator fixes the following issues:\n\nelemental-operator:\n\n - Update to version 1.6.10:\n\n * Remove \u0027latest\u0027 tag as this overlaps with the latest branch\n * Bump github.com/rancher-sandbox/go-tpm and its dependencies\n This bump includes fixes to some CVEs:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n\nelemental-toolkit:\n\n - Update to version 2.1.5:\n\n * Update headers for new year 2026\n * Disable selinux in installer media\n\n - Update to version 2.1.4:\n\n * Remove leftovers in installer integration test\n * Bump to build against go 1.24\n * Bump golang.org/x/crypto library\n This bump includes fixes to some CVEs:\n\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n * bsc#1253581 (CVE-2025-47913)\n * bsc#1253901 (CVE-2025-58181)\n * bsc#1254079 (CVE-2025-47914)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-561",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20244-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20244-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620244-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20244-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024237.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241826",
"url": "https://bugzilla.suse.com/1241826"
},
{
"category": "self",
"summary": "SUSE Bug 1241857",
"url": "https://bugzilla.suse.com/1241857"
},
{
"category": "self",
"summary": "SUSE Bug 1251511",
"url": "https://bugzilla.suse.com/1251511"
},
{
"category": "self",
"summary": "SUSE Bug 1251679",
"url": "https://bugzilla.suse.com/1251679"
},
{
"category": "self",
"summary": "SUSE Bug 1253581",
"url": "https://bugzilla.suse.com/1253581"
},
{
"category": "self",
"summary": "SUSE Bug 1253901",
"url": "https://bugzilla.suse.com/1253901"
},
{
"category": "self",
"summary": "SUSE Bug 1254079",
"url": "https://bugzilla.suse.com/1254079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for elemental-toolkit, elemental-operator",
"tracking": {
"current_release_date": "2026-01-15T11:08:38Z",
"generator": {
"date": "2026-01-15T11:08:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20244-1",
"initial_release_date": "2026-01-15T11:08:38Z",
"revision_history": [
{
"date": "2026-01-15T11:08:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.6.10-1.1.aarch64",
"product": {
"name": "elemental-register-1.6.10-1.1.aarch64",
"product_id": "elemental-register-1.6.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.6.10-1.1.aarch64",
"product": {
"name": "elemental-support-1.6.10-1.1.aarch64",
"product_id": "elemental-support-1.6.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.1.5-1.1.aarch64",
"product": {
"name": "elemental-toolkit-2.1.5-1.1.aarch64",
"product_id": "elemental-toolkit-2.1.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.6.10-1.1.x86_64",
"product": {
"name": "elemental-register-1.6.10-1.1.x86_64",
"product_id": "elemental-register-1.6.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.6.10-1.1.x86_64",
"product": {
"name": "elemental-support-1.6.10-1.1.x86_64",
"product_id": "elemental-support-1.6.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.1.5-1.1.x86_64",
"product": {
"name": "elemental-toolkit-2.1.5-1.1.x86_64",
"product_id": "elemental-toolkit-2.1.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.6.10-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64"
},
"product_reference": "elemental-register-1.6.10-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.6.10-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64"
},
"product_reference": "elemental-register-1.6.10-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.6.10-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64"
},
"product_reference": "elemental-support-1.6.10-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.6.10-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64"
},
"product_reference": "elemental-support-1.6.10-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.1.5-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64"
},
"product_reference": "elemental-toolkit-2.1.5-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.1.5-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
},
"product_reference": "elemental-toolkit-2.1.5-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T11:08:38Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T11:08:38Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T11:08:38Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T11:08:38Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T11:08:38Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-register-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-support-1.6.10-1.1.x86_64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.aarch64",
"SUSE Linux Micro 6.0:elemental-toolkit-2.1.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T11:08:38Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:20357-1
Vulnerability from csaf_suse - Published: 2026-01-15 09:23 - Updated: 2026-01-15 09:23
Summary
Security update for elemental-toolkit, elemental-operator
Severity
Important
Notes
Title of the patch: Security update for elemental-toolkit, elemental-operator
Description of the patch: This update for elemental-toolkit, elemental-operator fixes the following issues:
elemental-operator:
- Update to v1.7.4:
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This bump includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* Install yip config files in before-install step
* Revert "Do not delete ManagedOSVersions by default"
* Set default channel variable names consistent with OS version
* Do not delete ManagedOSVersions by default
* Include -channel suffix to channel names
* OS channel: enable baremetal channel by default
elemental-toolkit:
- Update to v2.2.7:
* Bump toolkit build to go 1.24
* Bump golang.org/x/crypto library
This bump includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
- Update to v2.2.5:
* Permissive mode for green selinux
* Adapt code and unit tests
* Minor change to lookup devices using blkid
Patchnames: SUSE-SLE-Micro-6.1-375
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for elemental-toolkit, elemental-operator",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for elemental-toolkit, elemental-operator fixes the following issues:\n\nelemental-operator:\n\n - Update to v1.7.4:\n\n * Bump github.com/rancher-sandbox/go-tpm and its dependencies\n This bump includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n * Install yip config files in before-install step\n * Revert \"Do not delete ManagedOSVersions by default\"\n * Set default channel variable names consistent with OS version\n * Do not delete ManagedOSVersions by default\n * Include -channel suffix to channel names\n * OS channel: enable baremetal channel by default\n\nelemental-toolkit:\n\n - Update to v2.2.7:\n\n * Bump toolkit build to go 1.24\n * Bump golang.org/x/crypto library\n This bumg includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n * bsc#1253581 (CVE-2025-47913)\n * bsc#1253901 (CVE-2025-58181)\n * bsc#1254079 (CVE-2025-47914)\n\n - Update to v2.2.5:\n\n * Permissive mode for green selinux\n * Adapt code and unit tests\n * Minor change to lookup devices using blkid\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-375",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20357-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20357-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620357-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20357-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024326.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241826",
"url": "https://bugzilla.suse.com/1241826"
},
{
"category": "self",
"summary": "SUSE Bug 1241857",
"url": "https://bugzilla.suse.com/1241857"
},
{
"category": "self",
"summary": "SUSE Bug 1251511",
"url": "https://bugzilla.suse.com/1251511"
},
{
"category": "self",
"summary": "SUSE Bug 1251679",
"url": "https://bugzilla.suse.com/1251679"
},
{
"category": "self",
"summary": "SUSE Bug 1253581",
"url": "https://bugzilla.suse.com/1253581"
},
{
"category": "self",
"summary": "SUSE Bug 1253901",
"url": "https://bugzilla.suse.com/1253901"
},
{
"category": "self",
"summary": "SUSE Bug 1254079",
"url": "https://bugzilla.suse.com/1254079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for elemental-toolkit, elemental-operator",
"tracking": {
"current_release_date": "2026-01-15T09:23:45Z",
"generator": {
"date": "2026-01-15T09:23:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20357-1",
"initial_release_date": "2026-01-15T09:23:45Z",
"revision_history": [
{
"date": "2026-01-15T09:23:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"product": {
"name": "elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"product_id": "elemental-register-1.7.4-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"product": {
"name": "elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"product_id": "elemental-support-1.7.4-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"product": {
"name": "elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"product_id": "elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"product": {
"name": "elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"product_id": "elemental-register-1.7.4-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"product": {
"name": "elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"product_id": "elemental-support-1.7.4-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64",
"product": {
"name": "elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64",
"product_id": "elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.7.4-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64"
},
"product_reference": "elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.7.4-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64"
},
"product_reference": "elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.7.4-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64"
},
"product_reference": "elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.7.4-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64"
},
"product_reference": "elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64"
},
"product_reference": "elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
},
"product_reference": "elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T09:23:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T09:23:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T09:23:45Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T09:23:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T09:23:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-register-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-support-1.7.4-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:elemental-toolkit-2.2.7-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T09:23:45Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.