Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-20178 (GCVE-0-2021-20178)
Vulnerability from cvelistv5
Published
2021-05-26 00:00
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:30:07.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2021-e9478617ae", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, { name: "FEDORA-2021-9a0903469c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { tags: [ "x_transferred", ], url: "https://github.com/ansible-collections/community.general/pull/1635%2C", }, { tags: [ "x_transferred", ], url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C", }, { name: "[debian-lts-announce] 20231228 [SECURITY] [DLA 3695-1] ansible security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Ansible", vendor: "n/a", versions: [ { status: "affected", version: "before 2.9.18", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:06:23.916505", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2021-e9478617ae", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, { name: "FEDORA-2021-9a0903469c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { url: "https://github.com/ansible-collections/community.general/pull/1635%2C", }, { url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C", }, { name: "[debian-lts-announce] 20231228 [SECURITY] [DLA 3695-1] ansible security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-20178", datePublished: "2021-05-26T00:00:00", dateReserved: "2020-12-17T00:00:00", dateUpdated: "2024-08-03T17:30:07.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.9.18\", \"matchCriteriaId\": \"720A73E8-481A-4C14-B06B-7E2D0C1FFAD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B31C575C-06D2-4CAF-A5B7-B9469B3ED55F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36D96259-24BD-44E2-96D9-78CE1D41F956\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 un fallo en el m\\u00f3dulo ansible donde las credenciales son reveladas en el registro de la consola por defecto y no est\\u00e1n protegidas por la caracter\\u00edstica de seguridad cuando se usa el m\\u00f3dulo bitbucket_pipeline_variable. Este fallo permite a un atacante robar las credenciales del m\\u00f3dulo bitbucket_pipeline. La mayor amenaza de esta vulnerabilidad es la confidencialidad\"}]", id: "CVE-2021-20178", lastModified: "2024-11-21T05:46:04.550", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2021-05-26T12:15:18.897", references: "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1914774\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/ansible-collections/community.general/pull/1635%2C\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1914774\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/ansible-collections/community.general/pull/1635%2C\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"secalert@redhat.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-532\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2021-20178\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-05-26T12:15:18.897\",\"lastModified\":\"2024-11-21T05:46:04.550\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.\"},{\"lang\":\"es\",\"value\":\"Se encontró un fallo en el módulo ansible donde las credenciales son reveladas en el registro de la consola por defecto y no están protegidas por la característica de seguridad cuando se usa el módulo bitbucket_pipeline_variable. Este fallo permite a un atacante robar las credenciales del módulo bitbucket_pipeline. La mayor amenaza de esta vulnerabilidad es la confidencialidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.9.18\",\"matchCriteriaId\":\"720A73E8-481A-4C14-B06B-7E2D0C1FFAD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B31C575C-06D2-4CAF-A5B7-B9469B3ED55F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1914774\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/ansible-collections/community.general/pull/1635%2C\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1914774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/ansible-collections/community.general/pull/1635%2C\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
RHSA-2021:1079
Vulnerability from csaf_redhat
Published
2021-04-09 12:03
Modified
2024-11-22 16:36
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform Operator 1.2 security update
Notes
Topic
Red Hat Ansible Automation Platform Resource Operator 1.2 (technical
preview) images that fix several security issues.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform Resource Operator container images
with security fixes.
Ansible Automation Platform manages Ansible Platform jobs and workflows
that can interface with any infrastructure on a Red Hat OpenShift Container
Platform cluster, or on a traditional infrastructure that is running
off-cluster.
Security fixes:
CVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)
CVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)
CVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)
CVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)
CVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)
For more details about the security issue, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Automation Platform Resource Operator 1.2 (technical\npreview) images that fix several security issues.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Ansible Automation Platform Resource Operator container images \nwith security fixes.\n\nAnsible Automation Platform manages Ansible Platform jobs and workflows\nthat can interface with any infrastructure on a Red Hat OpenShift Container\nPlatform cluster, or on a traditional infrastructure that is running\noff-cluster.\n\nSecurity fixes:\n\nCVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)\n\nCVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)\n\nCVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)\n\nCVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)\n\nCVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)\n\nFor more details about the security issue, including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:1079", url: "https://access.redhat.com/errata/RHSA-2021:1079", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20191", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20178", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20180", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20228", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-3447", url: "https://access.redhat.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "1939349", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1939349", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1079.json", }, ], title: "Red Hat Security Advisory: Red Hat Ansible Automation Platform Operator 1.2 security update", tracking: { current_release_date: "2024-11-22T16:36:55+00:00", generator: { date: "2024-11-22T16:36:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:1079", initial_release_date: "2021-04-09T12:03:25+00:00", revision_history: [ { date: "2021-04-09T12:03:25+00:00", number: "1", summary: "Initial version", }, { date: "2021-04-09T12:03:25+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:36:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Automation Platform 1.2 for RHEL 7", product: { name: "Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:1.2::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Automation Platform", }, { branches: [ { category: "product_version", name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product: { name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product_id: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-operator-bundle&tag=v0.1.1-1", }, }, }, { category: "product_version", name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product: { name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product_id: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-rhel7-operator&tag=v0.1.0-12", }, }, }, { category: "product_version", name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product: { name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product_id: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-runner-rhel7&tag=v0.1.0-15", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", }, product_reference: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", }, product_reference: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", }, product_reference: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "John Barker", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, { names: [ "Felix Fontein", ], }, { names: [ "Chen Zhi", ], organization: "Zhejiang University", }, ], cve: "CVE-2021-3447", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-03-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1939349", }, ], notes: [ { category: "description", text: "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Gluster Storage 3 no longer maintains its own version of ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "RHBZ#1939349", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1939349", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3447", url: "https://www.cve.org/CVERecord?id=CVE-2021-3447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3447", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3447", }, ], release_date: "2021-03-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021:2180
Vulnerability from csaf_redhat
Published
2021-06-01 13:23
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: RHV Engine and Host Common Packages security update [ovirt-4.4.6]
Notes
Topic
Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* ansible: user data leak in snmp_facts module (CVE-2021-20178)
* ansible module: bitbucket_pipeline_variable exposes secured values (CVE-2021-20180)
* ansible: multiple modules expose secured values (CVE-2021-20191)
* ansible: basic.py no_log with fallback option (CVE-2021-20228)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Red Hat Virtualization 4.4.6 now requires Ansible 2.9.18 (BZ#1933672)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* ansible: user data leak in snmp_facts module (CVE-2021-20178)\n\n* ansible module: bitbucket_pipeline_variable exposes secured values (CVE-2021-20180)\n\n* ansible: multiple modules expose secured values (CVE-2021-20191)\n\n* ansible: basic.py no_log with fallback option (CVE-2021-20228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Red Hat Virtualization 4.4.6 now requires Ansible 2.9.18 (BZ#1933672)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:2180", url: "https://access.redhat.com/errata/RHSA-2021:2180", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1924590", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1924590", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "1933238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1933238", }, { category: "external", summary: "1933672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1933672", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2180.json", }, ], title: "Red Hat Security Advisory: RHV Engine and Host Common Packages security update [ovirt-4.4.6]", tracking: { current_release_date: "2024-11-22T16:31:34+00:00", generator: { date: "2024-11-22T16:31:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:2180", initial_release_date: "2021-06-01T13:23:55+00:00", revision_history: [ { date: "2021-06-01T13:23:55+00:00", number: "1", summary: "Initial version", }, { date: "2021-06-01T13:23:55+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product: { name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:4.4:el8", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product: { name: "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product_id: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-ansible-collection@1.4.2-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product_id: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product_id: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.4.1-1.el8ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product_id: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-ansible-collection@1.4.2-1.el8ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product_id: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product_id: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4-debugsource@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product_id: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-doc@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debugsource@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debuginfo@4.4.1-1.el8ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product_id: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=ppc64le", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product_id: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4-debugsource@4.4.12-1.el8ev?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product_id: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.4.12-1.el8ev?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021:1079
Vulnerability from csaf_redhat
Published
2021-04-09 12:03
Modified
2024-11-22 16:36
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform Operator 1.2 security update
Notes
Topic
Red Hat Ansible Automation Platform Resource Operator 1.2 (technical
preview) images that fix several security issues.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform Resource Operator container images
with security fixes.
Ansible Automation Platform manages Ansible Platform jobs and workflows
that can interface with any infrastructure on a Red Hat OpenShift Container
Platform cluster, or on a traditional infrastructure that is running
off-cluster.
Security fixes:
CVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)
CVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)
CVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)
CVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)
CVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)
For more details about the security issue, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Automation Platform Resource Operator 1.2 (technical\npreview) images that fix several security issues.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Ansible Automation Platform Resource Operator container images \nwith security fixes.\n\nAnsible Automation Platform manages Ansible Platform jobs and workflows\nthat can interface with any infrastructure on a Red Hat OpenShift Container\nPlatform cluster, or on a traditional infrastructure that is running\noff-cluster.\n\nSecurity fixes:\n\nCVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)\n\nCVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)\n\nCVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)\n\nCVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)\n\nCVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)\n\nFor more details about the security issue, including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:1079", url: "https://access.redhat.com/errata/RHSA-2021:1079", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20191", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20178", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20180", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20228", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-3447", url: "https://access.redhat.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "1939349", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1939349", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1079.json", }, ], title: "Red Hat Security Advisory: Red Hat Ansible Automation Platform Operator 1.2 security update", tracking: { current_release_date: "2024-11-22T16:36:55+00:00", generator: { date: "2024-11-22T16:36:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:1079", initial_release_date: "2021-04-09T12:03:25+00:00", revision_history: [ { date: "2021-04-09T12:03:25+00:00", number: "1", summary: "Initial version", }, { date: "2021-04-09T12:03:25+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:36:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Automation Platform 1.2 for RHEL 7", product: { name: "Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:1.2::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Automation Platform", }, { branches: [ { category: "product_version", name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product: { name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product_id: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-operator-bundle&tag=v0.1.1-1", }, }, }, { category: "product_version", name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product: { name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product_id: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-rhel7-operator&tag=v0.1.0-12", }, }, }, { category: "product_version", name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product: { name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product_id: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-runner-rhel7&tag=v0.1.0-15", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", }, product_reference: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", }, product_reference: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", }, product_reference: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "John Barker", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, { names: [ "Felix Fontein", ], }, { names: [ "Chen Zhi", ], organization: "Zhejiang University", }, ], cve: "CVE-2021-3447", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-03-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1939349", }, ], notes: [ { category: "description", text: "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Gluster Storage 3 no longer maintains its own version of ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "RHBZ#1939349", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1939349", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3447", url: "https://www.cve.org/CVERecord?id=CVE-2021-3447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3447", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3447", }, ], release_date: "2021-03-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021:0664
Vulnerability from csaf_redhat
Published
2021-02-24 17:47
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)
Notes
Topic
An update for ansible is now available for Ansible Engine 2.9
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.
The following packages have been upgraded to a newer upstream version:
ansible (2.9.18)
Bug Fix(es):
* CVE-2021-20178 ansible: user data leak in snmp_facts module
* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes
secured values
* CVE-2021-20191 ansible: multiple collections exposes secured values
* CVE-2021-20228 ansible: basic.py no_log with fallback option
See:
https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
for details on bug fixes in this release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ansible is now available for Ansible Engine 2.9\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Ansible is a simple model-driven configuration management, multi-node\ndeployment, and remote-task execution system. Ansible works over SSH and\ndoes not require any software or daemons to be installed on remote nodes.\nExtension modules can be written in any language and are transferred to\nmanaged machines automatically.\n\nThe following packages have been upgraded to a newer upstream version:\nansible (2.9.18)\n\nBug Fix(es):\n* CVE-2021-20178 ansible: user data leak in snmp_facts module\n* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes\nsecured values\n* CVE-2021-20191 ansible: multiple collections exposes secured values\n* CVE-2021-20228 ansible: basic.py no_log with fallback option\n\nSee:\nhttps://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst\nfor details on bug fixes in this release.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0664", url: "https://access.redhat.com/errata/RHSA-2021:0664", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0664.json", }, ], title: "Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)", tracking: { current_release_date: "2024-11-22T16:31:21+00:00", generator: { date: "2024-11-22T16:31:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0664", initial_release_date: "2021-02-24T17:47:49+00:00", revision_history: [ { date: "2021-02-24T17:47:49+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-24T17:47:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Engine 2.9 for RHEL 8", product: { name: "Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2.9::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Engine 2.9 for RHEL 7 Server", product: { name: "Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2.9::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Engine", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.src", product: { name: "ansible-0:2.9.18-1.el7ae.src", product_id: "ansible-0:2.9.18-1.el7ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el8ae.noarch", product_id: "ansible-test-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-0:2.9.18-1.el7ae.noarch", product_id: "ansible-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el7ae.noarch", product_id: "ansible-test-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el7ae?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.src as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", }, product_reference: "ansible-0:2.9.18-1.el7ae.src", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2.9", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021_0664
Vulnerability from csaf_redhat
Published
2021-02-24 17:47
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)
Notes
Topic
An update for ansible is now available for Ansible Engine 2.9
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.
The following packages have been upgraded to a newer upstream version:
ansible (2.9.18)
Bug Fix(es):
* CVE-2021-20178 ansible: user data leak in snmp_facts module
* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes
secured values
* CVE-2021-20191 ansible: multiple collections exposes secured values
* CVE-2021-20228 ansible: basic.py no_log with fallback option
See:
https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
for details on bug fixes in this release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ansible is now available for Ansible Engine 2.9\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Ansible is a simple model-driven configuration management, multi-node\ndeployment, and remote-task execution system. Ansible works over SSH and\ndoes not require any software or daemons to be installed on remote nodes.\nExtension modules can be written in any language and are transferred to\nmanaged machines automatically.\n\nThe following packages have been upgraded to a newer upstream version:\nansible (2.9.18)\n\nBug Fix(es):\n* CVE-2021-20178 ansible: user data leak in snmp_facts module\n* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes\nsecured values\n* CVE-2021-20191 ansible: multiple collections exposes secured values\n* CVE-2021-20228 ansible: basic.py no_log with fallback option\n\nSee:\nhttps://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst\nfor details on bug fixes in this release.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0664", url: "https://access.redhat.com/errata/RHSA-2021:0664", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0664.json", }, ], title: "Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)", tracking: { current_release_date: "2024-11-22T16:31:21+00:00", generator: { date: "2024-11-22T16:31:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0664", initial_release_date: "2021-02-24T17:47:49+00:00", revision_history: [ { date: "2021-02-24T17:47:49+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-24T17:47:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Engine 2.9 for RHEL 8", product: { name: "Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2.9::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Engine 2.9 for RHEL 7 Server", product: { name: "Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2.9::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Engine", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.src", product: { name: "ansible-0:2.9.18-1.el7ae.src", product_id: "ansible-0:2.9.18-1.el7ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el8ae.noarch", product_id: "ansible-test-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-0:2.9.18-1.el7ae.noarch", product_id: "ansible-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el7ae.noarch", product_id: "ansible-test-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el7ae?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.src as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", }, product_reference: "ansible-0:2.9.18-1.el7ae.src", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2.9", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021_0663
Vulnerability from csaf_redhat
Published
2021-02-24 17:47
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)
Notes
Topic
An update for ansible is now available for Ansible Engine 2
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.
The following packages have been upgraded to a newer upstream version:
ansible (2.9.18)
Bug Fix(es):
* CVE-2021-20178 ansible: user data leak in snmp_facts module
* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes
secured values
* CVE-2021-20191 ansible: multiple collections exposes secured values
* CVE-2021-20228 ansible: basic.py no_log with fallback option
See:
https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
for details on bug fixes in this release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ansible is now available for Ansible Engine 2\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Ansible is a simple model-driven configuration management, multi-node\ndeployment, and remote-task execution system. Ansible works over SSH and\ndoes not require any software or daemons to be installed on remote nodes.\nExtension modules can be written in any language and are transferred to\nmanaged machines automatically.\n\nThe following packages have been upgraded to a newer upstream version:\nansible (2.9.18)\n\nBug Fix(es):\n* CVE-2021-20178 ansible: user data leak in snmp_facts module\n* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes\nsecured values\n* CVE-2021-20191 ansible: multiple collections exposes secured values\n* CVE-2021-20228 ansible: basic.py no_log with fallback option\n\nSee:\nhttps://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst\nfor details on bug fixes in this release.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0663", url: "https://access.redhat.com/errata/RHSA-2021:0663", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0663.json", }, ], title: "Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)", tracking: { current_release_date: "2024-11-22T16:31:15+00:00", generator: { date: "2024-11-22T16:31:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0663", initial_release_date: "2021-02-24T17:47:57+00:00", revision_history: [ { date: "2021-02-24T17:47:57+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-24T17:47:57+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Engine 2 for RHEL 8", product: { name: "Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Engine 2 for RHEL 7", product: { name: "Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Engine", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.src", product: { name: "ansible-0:2.9.18-1.el7ae.src", product_id: "ansible-0:2.9.18-1.el7ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el8ae.noarch", product_id: "ansible-test-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-0:2.9.18-1.el7ae.noarch", product_id: "ansible-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el7ae.noarch", product_id: "ansible-test-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el7ae?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.src as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", }, product_reference: "ansible-0:2.9.18-1.el7ae.src", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
RHSA-2021:0663
Vulnerability from csaf_redhat
Published
2021-02-24 17:47
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)
Notes
Topic
An update for ansible is now available for Ansible Engine 2
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.
The following packages have been upgraded to a newer upstream version:
ansible (2.9.18)
Bug Fix(es):
* CVE-2021-20178 ansible: user data leak in snmp_facts module
* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes
secured values
* CVE-2021-20191 ansible: multiple collections exposes secured values
* CVE-2021-20228 ansible: basic.py no_log with fallback option
See:
https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
for details on bug fixes in this release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ansible is now available for Ansible Engine 2\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Ansible is a simple model-driven configuration management, multi-node\ndeployment, and remote-task execution system. Ansible works over SSH and\ndoes not require any software or daemons to be installed on remote nodes.\nExtension modules can be written in any language and are transferred to\nmanaged machines automatically.\n\nThe following packages have been upgraded to a newer upstream version:\nansible (2.9.18)\n\nBug Fix(es):\n* CVE-2021-20178 ansible: user data leak in snmp_facts module\n* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes\nsecured values\n* CVE-2021-20191 ansible: multiple collections exposes secured values\n* CVE-2021-20228 ansible: basic.py no_log with fallback option\n\nSee:\nhttps://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst\nfor details on bug fixes in this release.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0663", url: "https://access.redhat.com/errata/RHSA-2021:0663", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0663.json", }, ], title: "Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)", tracking: { current_release_date: "2024-11-22T16:31:15+00:00", generator: { date: "2024-11-22T16:31:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0663", initial_release_date: "2021-02-24T17:47:57+00:00", revision_history: [ { date: "2021-02-24T17:47:57+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-24T17:47:57+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Engine 2 for RHEL 8", product: { name: "Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Engine 2 for RHEL 7", product: { name: "Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Engine", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.src", product: { name: "ansible-0:2.9.18-1.el7ae.src", product_id: "ansible-0:2.9.18-1.el7ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el8ae.noarch", product_id: "ansible-test-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-0:2.9.18-1.el7ae.noarch", product_id: "ansible-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el7ae.noarch", product_id: "ansible-test-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el7ae?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.src as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", }, product_reference: "ansible-0:2.9.18-1.el7ae.src", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
RHSA-2021:0664
Vulnerability from csaf_redhat
Published
2021-02-24 17:47
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)
Notes
Topic
An update for ansible is now available for Ansible Engine 2.9
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.
The following packages have been upgraded to a newer upstream version:
ansible (2.9.18)
Bug Fix(es):
* CVE-2021-20178 ansible: user data leak in snmp_facts module
* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes
secured values
* CVE-2021-20191 ansible: multiple collections exposes secured values
* CVE-2021-20228 ansible: basic.py no_log with fallback option
See:
https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
for details on bug fixes in this release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ansible is now available for Ansible Engine 2.9\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Ansible is a simple model-driven configuration management, multi-node\ndeployment, and remote-task execution system. Ansible works over SSH and\ndoes not require any software or daemons to be installed on remote nodes.\nExtension modules can be written in any language and are transferred to\nmanaged machines automatically.\n\nThe following packages have been upgraded to a newer upstream version:\nansible (2.9.18)\n\nBug Fix(es):\n* CVE-2021-20178 ansible: user data leak in snmp_facts module\n* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes\nsecured values\n* CVE-2021-20191 ansible: multiple collections exposes secured values\n* CVE-2021-20228 ansible: basic.py no_log with fallback option\n\nSee:\nhttps://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst\nfor details on bug fixes in this release.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0664", url: "https://access.redhat.com/errata/RHSA-2021:0664", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0664.json", }, ], title: "Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)", tracking: { current_release_date: "2024-11-22T16:31:21+00:00", generator: { date: "2024-11-22T16:31:21+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0664", initial_release_date: "2021-02-24T17:47:49+00:00", revision_history: [ { date: "2021-02-24T17:47:49+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-24T17:47:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:21+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Engine 2.9 for RHEL 8", product: { name: "Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2.9::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Engine 2.9 for RHEL 7 Server", product: { name: "Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2.9::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Engine", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.src", product: { name: "ansible-0:2.9.18-1.el7ae.src", product_id: "ansible-0:2.9.18-1.el7ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el8ae.noarch", product_id: "ansible-test-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-0:2.9.18-1.el7ae.noarch", product_id: "ansible-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el7ae.noarch", product_id: "ansible-test-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el7ae?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.src as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", }, product_reference: "ansible-0:2.9.18-1.el7ae.src", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 7 Server", product_id: "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-Ansible-2.9", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2.9 for RHEL 8", product_id: "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2.9", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:49+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0664", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2.9:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2.9:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2.9:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2.9:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
RHSA-2021:2180
Vulnerability from csaf_redhat
Published
2021-06-01 13:23
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: RHV Engine and Host Common Packages security update [ovirt-4.4.6]
Notes
Topic
Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* ansible: user data leak in snmp_facts module (CVE-2021-20178)
* ansible module: bitbucket_pipeline_variable exposes secured values (CVE-2021-20180)
* ansible: multiple modules expose secured values (CVE-2021-20191)
* ansible: basic.py no_log with fallback option (CVE-2021-20228)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Red Hat Virtualization 4.4.6 now requires Ansible 2.9.18 (BZ#1933672)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* ansible: user data leak in snmp_facts module (CVE-2021-20178)\n\n* ansible module: bitbucket_pipeline_variable exposes secured values (CVE-2021-20180)\n\n* ansible: multiple modules expose secured values (CVE-2021-20191)\n\n* ansible: basic.py no_log with fallback option (CVE-2021-20228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Red Hat Virtualization 4.4.6 now requires Ansible 2.9.18 (BZ#1933672)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:2180", url: "https://access.redhat.com/errata/RHSA-2021:2180", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1924590", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1924590", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "1933238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1933238", }, { category: "external", summary: "1933672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1933672", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2180.json", }, ], title: "Red Hat Security Advisory: RHV Engine and Host Common Packages security update [ovirt-4.4.6]", tracking: { current_release_date: "2024-11-22T16:31:34+00:00", generator: { date: "2024-11-22T16:31:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:2180", initial_release_date: "2021-06-01T13:23:55+00:00", revision_history: [ { date: "2021-06-01T13:23:55+00:00", number: "1", summary: "Initial version", }, { date: "2021-06-01T13:23:55+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product: { name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:4.4:el8", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product: { name: "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product_id: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-ansible-collection@1.4.2-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product_id: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product_id: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.4.1-1.el8ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product_id: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-ansible-collection@1.4.2-1.el8ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product_id: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product_id: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4-debugsource@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product_id: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-doc@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debugsource@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debuginfo@4.4.1-1.el8ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product_id: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=ppc64le", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product_id: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4-debugsource@4.4.12-1.el8ev?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product_id: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.4.12-1.el8ev?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021:0663
Vulnerability from csaf_redhat
Published
2021-02-24 17:47
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)
Notes
Topic
An update for ansible is now available for Ansible Engine 2
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.
The following packages have been upgraded to a newer upstream version:
ansible (2.9.18)
Bug Fix(es):
* CVE-2021-20178 ansible: user data leak in snmp_facts module
* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes
secured values
* CVE-2021-20191 ansible: multiple collections exposes secured values
* CVE-2021-20228 ansible: basic.py no_log with fallback option
See:
https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
for details on bug fixes in this release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for ansible is now available for Ansible Engine 2\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Ansible is a simple model-driven configuration management, multi-node\ndeployment, and remote-task execution system. Ansible works over SSH and\ndoes not require any software or daemons to be installed on remote nodes.\nExtension modules can be written in any language and are transferred to\nmanaged machines automatically.\n\nThe following packages have been upgraded to a newer upstream version:\nansible (2.9.18)\n\nBug Fix(es):\n* CVE-2021-20178 ansible: user data leak in snmp_facts module\n* CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes\nsecured values\n* CVE-2021-20191 ansible: multiple collections exposes secured values\n* CVE-2021-20228 ansible: basic.py no_log with fallback option\n\nSee:\nhttps://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst\nfor details on bug fixes in this release.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0663", url: "https://access.redhat.com/errata/RHSA-2021:0663", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0663.json", }, ], title: "Red Hat Security Advisory: Ansible security and bug fix update (2.9.18)", tracking: { current_release_date: "2024-11-22T16:31:15+00:00", generator: { date: "2024-11-22T16:31:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0663", initial_release_date: "2021-02-24T17:47:57+00:00", revision_history: [ { date: "2021-02-24T17:47:57+00:00", number: "1", summary: "Initial version", }, { date: "2021-02-24T17:47:57+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Engine 2 for RHEL 8", product: { name: "Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Engine 2 for RHEL 7", product: { name: "Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_engine:2::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Engine", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.src", product: { name: "ansible-0:2.9.18-1.el7ae.src", product_id: "ansible-0:2.9.18-1.el7ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el8ae.noarch", product_id: "ansible-test-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-0:2.9.18-1.el7ae.noarch", product_id: "ansible-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el7ae?arch=noarch", }, }, }, { category: "product_version", name: "ansible-test-0:2.9.18-1.el7ae.noarch", product: { name: "ansible-test-0:2.9.18-1.el7ae.noarch", product_id: "ansible-test-0:2.9.18-1.el7ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-test@2.9.18-1.el7ae?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el7ae.src as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", }, product_reference: "ansible-0:2.9.18-1.el7ae.src", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el7ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 7", product_id: "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el7ae.noarch", relates_to_product_reference: "7Server-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-Ansible-2", }, { category: "default_component_of", full_product_name: { name: "ansible-test-0:2.9.18-1.el8ae.noarch as a component of Red Hat Ansible Engine 2 for RHEL 8", product_id: "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-test-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-Ansible-2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-02-24T17:47:57+00:00", details: "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0663", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.noarch", "7Server-Ansible-2:ansible-0:2.9.18-1.el7ae.src", "7Server-Ansible-2:ansible-test-0:2.9.18-1.el7ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.noarch", "8Base-Ansible-2:ansible-0:2.9.18-1.el8ae.src", "8Base-Ansible-2:ansible-test-0:2.9.18-1.el8ae.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021_1079
Vulnerability from csaf_redhat
Published
2021-04-09 12:03
Modified
2024-11-22 16:36
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform Operator 1.2 security update
Notes
Topic
Red Hat Ansible Automation Platform Resource Operator 1.2 (technical
preview) images that fix several security issues.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform Resource Operator container images
with security fixes.
Ansible Automation Platform manages Ansible Platform jobs and workflows
that can interface with any infrastructure on a Red Hat OpenShift Container
Platform cluster, or on a traditional infrastructure that is running
off-cluster.
Security fixes:
CVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)
CVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)
CVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)
CVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)
CVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)
For more details about the security issue, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Automation Platform Resource Operator 1.2 (technical\npreview) images that fix several security issues.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Ansible Automation Platform Resource Operator container images \nwith security fixes.\n\nAnsible Automation Platform manages Ansible Platform jobs and workflows\nthat can interface with any infrastructure on a Red Hat OpenShift Container\nPlatform cluster, or on a traditional infrastructure that is running\noff-cluster.\n\nSecurity fixes:\n\nCVE-2021-20191 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1916813)\n\nCVE-2021-20178 ansible: user data leak in snmp_facts module [ansible_automation_platform-1.2] (BZ#1914774)\n\nCVE-2021-20180 ansible: ansible module: bitbucket_pipeline_variable exposes secured values [ansible_automation_platform-1.2] (BZ#1915808)\n\nCVE-2021-20228 ansible: basic.py no_log with fallback option [ansible_automation_platform-1.2] (BZ#1925002)\n\nCVE-2021-3447 ansible: multiple modules expose secured values [ansible_automation_platform-1.2] (BZ#1939349)\n\nFor more details about the security issue, including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:1079", url: "https://access.redhat.com/errata/RHSA-2021:1079", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20191", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20178", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20180", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-20228", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2021-3447", url: "https://access.redhat.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "1939349", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1939349", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1079.json", }, ], title: "Red Hat Security Advisory: Red Hat Ansible Automation Platform Operator 1.2 security update", tracking: { current_release_date: "2024-11-22T16:36:55+00:00", generator: { date: "2024-11-22T16:36:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:1079", initial_release_date: "2021-04-09T12:03:25+00:00", revision_history: [ { date: "2021-04-09T12:03:25+00:00", number: "1", summary: "Initial version", }, { date: "2021-04-09T12:03:25+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:36:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Automation Platform 1.2 for RHEL 7", product: { name: "Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:1.2::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Automation Platform", }, { branches: [ { category: "product_version", name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product: { name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product_id: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-operator-bundle&tag=v0.1.1-1", }, }, }, { category: "product_version", name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product: { name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product_id: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-rhel7-operator&tag=v0.1.0-12", }, }, }, { category: "product_version", name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product: { name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product_id: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", product_identification_helper: { purl: "pkg:oci/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5?arch=amd64&repository_url=registry.redhat.io/ansible-automation-platform/platform-resource-runner-rhel7&tag=v0.1.0-15", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", }, product_reference: "ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", }, product_reference: "ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64 as a component of Red Hat Ansible Automation Platform 1.2 for RHEL 7", product_id: "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", }, product_reference: "ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", relates_to_product_reference: "7Server-Ansible-Automation-Platform-1.2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "John Barker", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, { names: [ "Felix Fontein", ], }, { names: [ "Chen Zhi", ], organization: "Zhejiang University", }, ], cve: "CVE-2021-3447", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-03-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1939349", }, ], notes: [ { category: "description", text: "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Gluster Storage 3 no longer maintains its own version of ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "RHBZ#1939349", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1939349", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3447", url: "https://www.cve.org/CVERecord?id=CVE-2021-3447", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3447", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3447", }, ], release_date: "2021-03-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-04-09T12:03:25+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1079", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-operator-bundle@sha256:1f31be82087b8d16953388696eff7ac7bfc93a507704ff10fe3db23eda1cd856_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-rhel7-operator@sha256:e7bc27fe0dd38a48e8c09910d2162dd3c9d742f89f0f6e3888d1a49ff8f052ed_amd64", "7Server-Ansible-Automation-Platform-1.2:ansible-automation-platform/platform-resource-runner-rhel7@sha256:dd030e15ac5ae0400cada0e5d5ba620621ff3895de8bc43ba9ab62b4236c5fc5_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
rhsa-2021_2180
Vulnerability from csaf_redhat
Published
2021-06-01 13:23
Modified
2024-11-22 16:31
Summary
Red Hat Security Advisory: RHV Engine and Host Common Packages security update [ovirt-4.4.6]
Notes
Topic
Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* ansible: user data leak in snmp_facts module (CVE-2021-20178)
* ansible module: bitbucket_pipeline_variable exposes secured values (CVE-2021-20180)
* ansible: multiple modules expose secured values (CVE-2021-20191)
* ansible: basic.py no_log with fallback option (CVE-2021-20228)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Red Hat Virtualization 4.4.6 now requires Ansible 2.9.18 (BZ#1933672)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* ansible: user data leak in snmp_facts module (CVE-2021-20178)\n\n* ansible module: bitbucket_pipeline_variable exposes secured values (CVE-2021-20180)\n\n* ansible: multiple modules expose secured values (CVE-2021-20191)\n\n* ansible: basic.py no_log with fallback option (CVE-2021-20228)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Red Hat Virtualization 4.4.6 now requires Ansible 2.9.18 (BZ#1933672)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:2180", url: "https://access.redhat.com/errata/RHSA-2021:2180", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "1924590", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1924590", }, { category: "external", summary: "1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "1933238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1933238", }, { category: "external", summary: "1933672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1933672", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2180.json", }, ], title: "Red Hat Security Advisory: RHV Engine and Host Common Packages security update [ovirt-4.4.6]", tracking: { current_release_date: "2024-11-22T16:31:34+00:00", generator: { date: "2024-11-22T16:31:34+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:2180", initial_release_date: "2021-06-01T13:23:55+00:00", revision_history: [ { date: "2021-06-01T13:23:55+00:00", number: "1", summary: "Initial version", }, { date: "2021-06-01T13:23:55+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:31:34+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product: { name: "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, { category: "product_name", name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product: { name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:4.4:el8", }, }, }, { category: "product_name", name: "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product: { name: "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools", product_identification_helper: { cpe: "cpe:/o:redhat:rhev_hypervisor:4.4::el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.src", product: { name: "ansible-0:2.9.18-1.el8ae.src", product_id: "ansible-0:2.9.18-1.el8ae.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=src", }, }, }, { category: "product_version", name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product_id: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-ansible-collection@1.4.2-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product_id: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product_id: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.4.1-1.el8ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ansible-0:2.9.18-1.el8ae.noarch", product: { name: "ansible-0:2.9.18-1.el8ae.noarch", product_id: "ansible-0:2.9.18-1.el8ae.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible@2.9.18-1.el8ae?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product_id: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-ansible-collection@1.4.2-1.el8ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product_id: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product_id: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4-debugsource@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product_id: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.4.12-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-doc@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debugsource@4.4.1-1.el8ev?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product_id: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debuginfo@4.4.1-1.el8ev?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product_id: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.4.12-1.el8ev?arch=ppc64le", }, }, }, { category: "product_version", name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product_id: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-ovirt-engine-sdk4-debugsource@4.4.12-1.el8ev?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product_id: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.4.12-1.el8ev?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8", product_id: "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-4-Tools", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts", product_id: "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-Agents-4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", }, product_reference: "ansible-0:2.9.18-1.el8ae.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ansible-0:2.9.18-1.el8ae.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", }, product_reference: "ansible-0:2.9.18-1.el8ae.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", }, product_reference: "ovirt-ansible-collection-0:1.4.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", }, product_reference: "python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", }, product_reference: "python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64 as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", }, product_reference: "rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", relates_to_product_reference: "8Base-RHV-S-4.4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20178", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-06T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914774", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: user data leak in snmp_facts module", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable snmp module. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "RHBZ#1914774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20178", url: "https://www.cve.org/CVERecord?id=CVE-2021-20178", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: user data leak in snmp_facts module", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20180", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-12-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1915808", }, ], notes: [ { category: "description", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "module: bitbucket_pipeline_variable exposes secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of Ansible provided in Red Hat Gluster Storage 3 does not contain the vulnerable bitbucket module and is not affected by this vulnerability. However, Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which includes bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "RHBZ#1915808", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1915808", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20180", url: "https://www.cve.org/CVERecord?id=CVE-2021-20180", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20180", }, ], release_date: "2021-01-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "module: bitbucket_pipeline_variable exposes secured values", }, { acknowledgments: [ { names: [ "Rick Elrod", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2021-20191", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2021-01-12T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1916813", }, ], notes: [ { category: "description", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: multiple modules expose secured values", title: "Vulnerability summary", }, { category: "other", text: "The version of ansible shipped with Red Hat Gluster Storage (RHGS) 3 includes the vulnerable `network/nxos/nxos_*` modules. However, RHGS 3 no longer maintains its own version of Ansible, prerequisite is to enable ansible repository in order to consume the latest version of ansible which has many bug and security fixes.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "RHBZ#1916813", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916813", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20191", url: "https://www.cve.org/CVERecord?id=CVE-2021-20191", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20191", }, ], release_date: "2021-01-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: multiple modules expose secured values", }, { cve: "CVE-2021-20228", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2021-02-04T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1925002", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: basic.py no_log with fallback option", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], known_not_affected: [ "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-4-Tools:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-4-Tools:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-4-Tools:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-Agents-4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.ppc64le", "8Base-RHV-Agents-4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-ansible-collection-0:1.4.2-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-0:4.4.12-1.el8ev.src", "8Base-RHV-S-4.4:python-ovirt-engine-sdk4-debugsource-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:python3-ovirt-engine-sdk4-debuginfo-0:4.4.12-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.src", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debuginfo-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-debugsource-0:4.4.1-1.el8ev.x86_64", "8Base-RHV-S-4.4:rubygem-ovirt-engine-sdk4-doc-0:4.4.1-1.el8ev.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "RHBZ#1925002", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1925002", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20228", url: "https://www.cve.org/CVERecord?id=CVE-2021-20228", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20228", }, { category: "external", summary: "https://github.com/ansible/ansible/pull/73487", url: "https://github.com/ansible/ansible/pull/73487", }, ], release_date: "2021-01-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-06-01T13:23:55+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:2180", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-Agents-4:ansible-0:2.9.18-1.el8ae.src", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.noarch", "8Base-RHV-S-4.4:ansible-0:2.9.18-1.el8ae.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: basic.py no_log with fallback option", }, ], }
pysec-2021-106
Vulnerability from pysec
Published
2021-05-26 12:15
Modified
2021-07-02 02:41
Details
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
Impacted products
| Name | purl |
|---|---|
| ansible | pkg:pypi/ansible |
Aliases
{ affected: [ { package: { ecosystem: "PyPI", name: "ansible", purl: "pkg:pypi/ansible", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "2.9.18", }, ], type: "ECOSYSTEM", }, ], versions: [ "1.0", "1.1", "1.2", "1.2.1", "1.2.2", "1.2.3", "1.3.0", "1.3.1", "1.3.2", "1.3.3", "1.3.4", "1.4", "1.4.1", "1.4.2", "1.4.3", "1.4.4", "1.4.5", "1.5", "1.5.1", "1.5.2", "1.5.3", "1.5.4", "1.5.5", "1.6", "1.6.1", "1.6.10", "1.6.2", "1.6.3", "1.6.4", "1.6.5", "1.6.6", "1.6.7", "1.6.8", "1.6.9", "1.7", "1.7.1", "1.7.2", "1.8", "1.8.1", "1.8.2", "1.8.3", "1.8.4", "1.9.0", "1.9.0.1", "1.9.1", "1.9.2", "1.9.3", "1.9.4", "1.9.5", "1.9.6", "2.0.0", "2.0.0.0", "2.0.0.1", "2.0.0.2", "2.0.1.0", "2.0.2.0", "2.1.0.0", "2.1.1.0", "2.1.2.0", "2.1.3.0", "2.1.4.0", "2.1.5.0", "2.1.6.0", "2.2.0.0", "2.2.1.0", "2.2.2.0", "2.2.3.0", "2.3.0.0", "2.3.1.0", "2.3.2.0", "2.3.3.0", "2.4.0.0", "2.4.1.0", "2.4.2.0", "2.4.3.0", "2.4.4.0", "2.4.5.0", "2.4.6.0", "2.5.0", "2.5.0a1", "2.5.0b1", "2.5.0b2", "2.5.0rc1", "2.5.0rc2", "2.5.0rc3", "2.5.1", "2.5.10", "2.5.11", "2.5.12", "2.5.13", "2.5.14", "2.5.15", "2.5.2", "2.5.3", "2.5.4", "2.5.5", "2.5.6", "2.5.7", "2.5.8", "2.5.9", "2.6.0", "2.6.0a1", "2.6.0a2", "2.6.0rc1", "2.6.0rc2", "2.6.0rc3", "2.6.0rc4", "2.6.0rc5", "2.6.1", "2.6.10", "2.6.11", "2.6.12", "2.6.13", "2.6.14", "2.6.15", "2.6.16", "2.6.17", "2.6.18", "2.6.19", "2.6.2", "2.6.20", "2.6.3", "2.6.4", "2.6.5", "2.6.6", "2.6.7", "2.6.8", "2.6.9", "2.7.0", "2.7.0.dev0", "2.7.0a1", "2.7.0b1", "2.7.0rc1", "2.7.0rc2", "2.7.0rc3", "2.7.0rc4", "2.7.1", "2.7.10", "2.7.11", "2.7.12", "2.7.13", "2.7.14", "2.7.15", "2.7.16", "2.7.17", "2.7.18", "2.7.2", "2.7.3", "2.7.4", "2.7.5", "2.7.6", "2.7.7", "2.7.8", "2.7.9", "2.8.0", "2.8.0a1", "2.8.0b1", "2.8.0rc1", "2.8.0rc2", "2.8.0rc3", "2.8.1", "2.8.10", "2.8.11", "2.8.12", "2.8.13", "2.8.14", "2.8.15", "2.8.16", "2.8.16rc1", "2.8.17", "2.8.17rc1", "2.8.18", "2.8.18rc1", "2.8.19", "2.8.19rc1", "2.8.2", "2.8.20", "2.8.20rc1", "2.8.3", "2.8.4", "2.8.5", "2.8.6", "2.8.7", "2.8.8", "2.8.9", "2.9.0", "2.9.0b1", "2.9.0rc1", "2.9.0rc2", "2.9.0rc3", "2.9.0rc4", "2.9.0rc5", "2.9.1", "2.9.10", "2.9.11", "2.9.12", "2.9.13", "2.9.14", "2.9.14rc1", "2.9.15", "2.9.15rc1", "2.9.16", "2.9.16rc1", "2.9.17", "2.9.17rc1", "2.9.18rc1", "2.9.2", "2.9.3", "2.9.4", "2.9.5", "2.9.6", "2.9.7", "2.9.8", "2.9.9", ], }, ], aliases: [ "CVE-2021-20178", "GHSA-wv5p-gmmv-wh9v", ], details: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", id: "PYSEC-2021-106", modified: "2021-07-02T02:41:35.206595Z", published: "2021-05-26T12:15:00Z", references: [ { type: "WEB", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { type: "REPORT", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { type: "WEB", url: "https://github.com/ansible-collections/community.general/pull/1635,", }, { type: "ADVISORY", url: "https://github.com/advisories/GHSA-wv5p-gmmv-wh9v", }, ], }
ghsa-wv5p-gmmv-wh9v
Vulnerability from github
Published
2021-06-01 21:53
Modified
2024-11-18 16:26
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Insertion of Sensitive Information into Log File in ansible
Details
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
{ affected: [ { package: { ecosystem: "PyPI", name: "ansible", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "2.9.18", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2021-20178", ], database_specific: { cwe_ids: [ "CWE-532", ], github_reviewed: true, github_reviewed_at: "2021-06-01T20:21:27Z", nvd_published_at: "2021-05-26T12:15:00Z", severity: "HIGH", }, details: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", id: "GHSA-wv5p-gmmv-wh9v", modified: "2024-11-18T16:26:14Z", published: "2021-06-01T21:53:29Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", }, { type: "WEB", url: "https://github.com/ansible-collections/community.general/pull/1635", }, { type: "WEB", url: "https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { type: "ADVISORY", url: "https://github.com/advisories/GHSA-wv5p-gmmv-wh9v", }, { type: "WEB", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes", }, { type: "WEB", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C", }, { type: "WEB", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,", }, { type: "WEB", url: "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", type: "CVSS_V4", }, ], summary: "Insertion of Sensitive Information into Log File in ansible", }
suse-su-2024:0196-1
Vulnerability from csaf_suse
Published
2024-01-23 15:20
Modified
2024-01-23 15:20
Summary
Security Beta update for SUSE Manager Client Tools and Salt
Notes
Title of the patch
Security Beta update for SUSE Manager Client Tools and Salt
Description of the patch
This update fixes the following issues:
ansible:
- Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133)
* bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive
info in traceback error message (in 2.9.27)
* bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line
strings with ansible facts used in template. (in 2.9.23)
* bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in
ansible 2.9.13 (in 2.9.15)
- Update to 2.9.22:
* CVE-2021-3447 (bsc#1183684) multiple modules expose secured values
* CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option
* CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values
* CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values
* CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module
dracut-saltboot:
- Update to version 0.1.1681904360.84ef141
* Load network configuration even when missing protocol version
(bsc#1210640)
- Update to verion 0.1.1674034019.a93ff61
* Install copied wicked config as client.xml (bsc#1205599)
- Update to version 0.1.1673279145.e7616bd
* Add failsafe stop file when salt-minion does not stop (bsc#1172110)
* Copy existing wicked config instead of generating new (bsc#1205599)
- Update to version 0.1.1665997480.587fa10
* Add dependencies on xz and gzip to support compressed images
- Update to version 0.1.1661440542.6cbe0da
* Use standard susemanager.conf
* Move image services to dracut-saltboot package
* Use salt bundle
- Require e2fsprogs (bsc#1202614)
- Update to version 0.1.1657643023.0d694ce
* Update dracut-saltboot dependencies (bsc#1200970)
* Fix network loading when ipappend is used in pxe config
* Add new information messages
golang-github-QubitProducts-exporter_exporter:
- Remove license file from %doc
- Exclude s390 arch
- Adapted to build on Enterprise Linux.
- Fix build for RedHat 7
- Require Go >= 1.14 also for CentOS
- Add support for CentOS
- Replace %{?systemd_requires} with %{?systemd_ordering}
golang-github-boynux-squid_exporter:
- Exclude s390 architecture (gh#SUSE/spacewalk#19050)
- Enhanced to build on Enterprise Linux 8.
golang-github-lusitaniae-apache_exporter:
- Do not strip if SUSE Linux Enterprise 15 SP3
- Exclude debug for RHEL >= 8
- Build with Go >= 1.20 when the OS is not RHEL
- Spec file clean up
- Fix apparmor profile for SLE 12
- Do not build with apparmor profile for SLE 12
- Upgrade to version 1.0.0 (jsc#PED-5405)
* Improved flag parsing
* Added support for custom headers
- Build with Go 1.19
- Build using promu
- Add _service file
- Fix sandboxing options
- Upgrade to version 0.13.4
* Fix denial of service vulnerability
(CVE-2022-32149, bsc#1204501)
- Upgrade to version 0.13.3
* Fix uncontrolled resource consumption
(CVE-2022-41723, bsc#1208270)
- Upgrade to version 0.13.1
* Fix panic caused by missing flagConfig options
- Upgrade to version 0.13.0
* Fix authentication bypass vulnarability
(CVE-2022-46146, bsc#1208046)
- Corrected comment in AppArmor profile
- Added AppArmor profile
- Added sandboxing options to systemd service unit
- Exclude s390 architecture (gh#SUSE/spacewalk#19050)
- Update to upstream release 0.11.0 (jsc#SLE-24791)
* Add TLS support
* Switch to logger, please check --log.level and --log.format
flags
- Update to version 0.10.1
* Bugfix: Reset ProxyBalancer metrics on each scrape to
remove stale data
- Update to version 0.10.0
* Add Apache Proxy and other metrics
- Update to version 0.8.0
* Change commandline flags
* Add metrics: Apache version, request duration total
- Adapted to build on Enterprise Linux 8
- Require building with Go 1.15
- Add support for RedHat 8
+ Adjust dependencies on spec file
+ Disable dwarf compression in go build
- Add support for Red Hat
- Add %license macro for LICENSE file
golang-github-prometheus-prometheus:
- Update to 2.45.0 (jsc#PED-5406):
* [FEATURE] API: New limit parameter to limit the number of items
returned by `/api/v1/status/tsdb` endpoint.
* [FEATURE] Config: Add limits to global config.
* [FEATURE] Consul SD: Added support for `path_prefix`.
* [FEATURE] Native histograms: Add option to scrape both classic
and native histograms.
* [FEATURE] Native histograms: Added support for two more
arithmetic operators `avg_over_time` and `sum_over_time`.
* [FEATURE] Promtool: When providing the block id, only one block
will be loaded and analyzed.
* [FEATURE] Remote-write: New Azure ad configuration to support
remote writing directly to Azure Monitor workspace.
* [FEATURE] TSDB: Samples per chunk are now configurable with
flag `storage.tsdb.samples-per-chunk`. By default set to its
former value 120.
* [ENHANCEMENT] Native histograms: bucket size can now be limited
to avoid scrape fails.
* [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL
sooner.
* [BUGFIX] Native histograms: ChunkSeries iterator now checks if
a new sample can be appended to the open chunk.
* [BUGFIX] Native histograms: Fix Histogram Appender
`Appendable()` segfault.
* [BUGFIX] Native histograms: Fix setting reset header to gauge
histograms in seriesToChunkEncoder.
* [BUGFIX] TSDB: Tombstone intervals are not modified after Get()
call.
* [BUGFIX] TSDB: Use path/filepath to set the WAL directory.
- Update to 2.44.0:
* [FEATURE] Remote-read: Handle native histograms.
* [FEATURE] Promtool: Health and readiness check of prometheus
server in CLI.
* [FEATURE] PromQL: Add `query_samples_total` metric, the total
number of samples loaded by all queries.
* [ENHANCEMENT] Storage: Optimise buffer used to iterate through
samples.
* [ENHANCEMENT] Scrape: Reduce memory allocations on target
labels.
* [ENHANCEMENT] PromQL: Use faster heap method for `topk()` /
`bottomk()`.
* [ENHANCEMENT] Rules API: Allow filtering by rule name.
* [ENHANCEMENT] Native Histograms: Various fixes and
improvements.
* [ENHANCEMENT] UI: Search of scraping pools is now
case-insensitive.
* [ENHANCEMENT] TSDB: Add an affirmative log message for
successful WAL repair.
* [BUGFIX] TSDB: Block compaction failed when shutting down.
* [BUGFIX] TSDB: Out-of-order chunks could be ignored if the
write-behind log was deleted.
- Update to 2.43.1
* [BUGFIX] Labels: Set() after Del() would be ignored, which
broke some relabeling rules.
- Update to 2.43.0:
* [FEATURE] Promtool: Add HTTP client configuration to query
commands.
* [FEATURE] Scrape: Add `include_scrape_configs` to include
scrape configs from different files.
* [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from
proxied requests.
* [FEATURE] HTTP client: Add `proxy_from_enviroment` to read
proxies from env variables.
* [ENHANCEMENT] API: Add support for setting lookback delta per
query via the API.
* [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499
if a request is canceled.
* [ENHANCEMENT] Scrape: Allow exemplars for all metric types.
* [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders
size.
* [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot
with index that is ahead of WAL.
* [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to
be more comprehensible.
* [ENHANCEMENT] UI: Scope `group by` labels to metric in
autocompletion.
* [BUGFIX] Scrape: Fix
`prometheus_target_scrape_pool_target_limit` metric not set
before reloading.
* [BUGFIX] TSDB: Correctly update
`prometheus_tsdb_head_chunks_removed_total` and
`prometheus_tsdb_head_chunks` metrics when reading WAL.
* [BUGFIX] TSDB: Use the correct unit (seconds) when recording
out-of-order append deltas in the
`prometheus_tsdb_sample_ooo_delta` metric.
- Update to 2.42.0:
This release comes with a bunch of feature coverage for native
histograms and breaking changes.
If you are trying native histograms already, we recommend you
remove the `wal` directory when upgrading.
Because the old WAL record for native histograms is not
backward compatible in v2.42.0, this will lead to some data
loss for the latest data.
Additionally, if you scrape 'float histograms' or use recording
rules on native histograms in v2.42.0 (which writes float
histograms), it is a one-way street since older versions do not
support float histograms.
* [CHANGE] **breaking** TSDB: Changed WAL record format for the
experimental native histograms.
* [FEATURE] Add 'keep_firing_for' field to alerting rules.
* [FEATURE] Promtool: Add support of selecting timeseries for
TSDB dump.
* [ENHANCEMENT] Agent: Native histogram support.
* [ENHANCEMENT] Rules: Support native histograms in recording
rules.
* [ENHANCEMENT] SD: Add container ID as a meta label for pod
targets for Kubernetes.
* [ENHANCEMENT] SD: Add VM size label to azure service
discovery.
* [ENHANCEMENT] Support native histograms in federation.
* [ENHANCEMENT] TSDB: Add gauge histogram support.
* [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that
represents buckets as float64 values.
* [ENHANCEMENT] UI: Show individual scrape pools on /targets
page.
- Update to 2.41.0:
* [FEATURE] Relabeling: Add keepequal and dropequal relabel
actions.
* [FEATURE] Add support for HTTP proxy headers.
* [ENHANCEMENT] Reload private certificates when changed on disk.
* [ENHANCEMENT] Add max_version to specify maximum TLS version in
tls_config.
* [ENHANCEMENT] Add goos and goarch labels to
prometheus_build_info.
* [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.
* [ENHANCEMENT] SD: Add new metric
prometheus_sd_file_watcher_errors_total.
* [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.
* [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in
iterators.
* [ENHANCEMENT] TSDB: Optimize postings offset table reading.
* [BUGFIX] Scrape: Validate the metric name, label names, and
label values after relabeling.
* [BUGFIX] Remote Write receiver and rule manager: Fix error
handling.
- Update to 2.40.7:
* [BUGFIX] TSDB: Fix queries involving negative buckets of native
histograms.
- Update to 2.40.5:
* [BUGFIX] TSDB: Fix queries involving native histograms due to
improper reset of iterators.
- Update to 2.40.3:
* [BUGFIX] TSDB: Fix compaction after a deletion is called.
- Update to 2.40.2:
* [BUGFIX] UI: Fix black-on-black metric name color in dark mode.
- Update to 2.40.1:
* [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit
architecture.
* [BUGFIX] Scrape: Fix accept headers.
- Update to 2.40.0:
* [FEATURE] Add experimental support for native histograms.
Enable with the flag --enable-feature=native-histograms.
* [FEATURE] SD: Add service discovery for OVHcloud.
* [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.
* [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved
sorting speed.
* [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds
__meta_consul_partition label. Adds partition config in
consul_sd_config.
* [BUGFIX] API: Fix API error codes for /api/v1/labels and
/api/v1/series.
- Update to 2.39.1:
* [BUGFIX] Rules: Fix notifier relabel changing the labels on
active alerts.
- Update to 2.39.0:
* [FEATURE] experimental TSDB: Add support for ingesting
out-of-order samples. This is configured via
out_of_order_time_window field in the config file; check config
file docs for more info.
* [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also
respond to a HEAD request on top of existing GET support.
* [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.
* [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.
* [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region
label.
* [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.
* [ENHANCEMENT] TSDB: Improve WAL replay timings.
* [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary
data in the memory.
* [ENHANCEMENT] TSDB: Allow overlapping blocks by default.
--storage.tsdb.allow-overlapping-blocks now has no effect.
* [ENHANCEMENT] UI: Click to copy label-value pair from query
result to clipboard.
* [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a
memory leak.
* [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus
startup.
* [BUGFIX] PromQL: Properly close file descriptor when logging
unfinished queries.
* [BUGFIX] Agent: Fix validation of flag options and prevent WAL
from growing more than desired.
- Update to 2.38.0:
* [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint
that allows pretty-formatting PromQL expressions.
* [FEATURE]: UI: Add support for formatting PromQL expressions in
the UI.
* [FEATURE]: DNS SD: Support MX records for discovering targets.
* [FEATURE]: Templates: Add toTime() template function that
allows converting sample timestamps to Go time.Time values.
* [ENHANCEMENT]: Kubernetes SD: Add
__meta_kubernetes_service_port_number meta label indicating the
service port number.
__meta_kubernetes_pod_container_image meta label indicating the
container image.
* [ENHANCEMENT]: PromQL: When a query panics, also log the query
itself alongside the panic message.
* [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve
the contrast ratio.
* [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding
locks and using atomic types instead.
* [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature
flag, which omits or removes any default HTTP (:80) or HTTPS
(:443) ports in the target's scrape address.
* [BUGFIX]: TSDB: In the WAL watcher metrics, expose the
type='exemplar' label instead of type='unknown' for exemplar
records.
* [BUGFIX]: TSDB: Fix race condition around allocating series IDs
during chunk snapshot loading.
- Remove npm_licenses.tar.bz2 during 'make clean'
- Remove web-ui archives during 'make clean'.
- Require promu >= 0.14.0 for building
- Drop:
- Upgrade to version 2.37.6
* Require Go 1.19
- Upgrade to version 2.37.5
* [SECURITY] Security upgrade from go and upstream dependencies
that include security fixes to the net/http and os packages.
- Upgrade to version 2.37.4
* [SECURITY] Fix basic authentication bypass vulnerability
(CVE-2022-46146, bsc#1208049, jsc#PED-3576).
- Upgrade to version 2.37.3
* [BUGFIX] Update our regexp library to fix upstream
CVE-2022-41715.
- Upgrade to version 2.37.2
- Upgrade to version 2.37.1
* [BUGFIX] Properly close file descriptor when logging unfinished
queries.
* [BUGFIX] TSDB: In the WAL watcher metrics, expose the
- Upgrade to version 2.37.0
* [FEATURE] Nomad SD: New service discovery for Nomad built-in
service discovery.
* [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for
endpoint role.
* [ENHANCEMENT] PromQL: Optimise creation of signature
with/without labels.
* [ENHANCEMENT] TSDB: Memory optimizations.
* [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.
* [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent
header.
* [BUGFIX] Alerting: Fix Alertmanager targets not being updated
when alerts were queued.
* [BUGFIX] Hetzner SD: Make authentication files relative to
Prometheus config file.
* [BUGFIX] Promtool: Fix promtool check config not erroring
properly on failures.
* [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on
reloads.
* [BUGFIX] TSDB: Don't increment
prometheus_tsdb_compactions_failed_total when context is
canceled.
* [BUGFIX] TSDB: Fix panic if series is not found when deleting
series.
* [BUGFIX] TSDB: Increase
prometheus_tsdb_mmap_chunk_corruptions_total on out of sequence
errors.
* [BUGFIX] Uyuni SD: Make authentication files relative to
Prometheus configuration file and fix default configuration
values.
- Upgrade to version 2.36.2
* [BUGFIX] Fix serving of static assets like fonts and favicon.
- Upgrade to version 2.36.1
* [BUGFIX] promtool: Add --lint-fatal option.
- Upgrade to version 2.36.0
* [FEATURE] Add lowercase and uppercase relabel action.
* [FEATURE] SD: Add IONOS Cloud integration.
* [FEATURE] SD: Add Vultr integration.
* [FEATURE] SD: Add Linode SD failure count metric.
* [FEATURE] Add prometheus_ready metric.
* [ENHANCEMENT] Add stripDomain to template function.
* [ENHANCEMENT] UI: Enable active search through dropped targets.
* [ENHANCEMENT] promtool: support matchers when querying label
* [ENHANCEMENT] Add agent mode identifier.
* [BUGFIX] Changing TotalQueryableSamples from int to int64.
* [BUGFIX] tsdb/agent: Ignore duplicate exemplars.
* [BUGFIX] TSDB: Fix chunk overflow appending samples at a
variable rate.
* [BUGFIX] Stop rule manager before TSDB is stopped.
- Upgrade to version 2.35.0
* [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.
* [CHANGE] promtool: Add new flag --lint (enabled by default) for
the commands check rules and check config, resulting in a new
exit code (3) for linter errors.
* [FEATURE] Support for automatically setting the variable
GOMAXPROCS to the container CPU limit. Enable with the flag
--enable-feature=auto-gomaxprocs.
* [FEATURE] PromQL: Extend statistics with total and peak number
of samples in a query. Additionally, per-step statistics are
available with --enable-feature=promql-per-step-stats and using
stats=all in the query API. Enable with the flag
--enable-feature=per-step-stats.
* [ENHANCEMENT] TSDB: more efficient sorting of postings read from
WAL at startup.
* [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.
* [ENHANCEMENT] Azure SD: Add an optional resource_group
configuration.
* [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1
EndpointSlice (previously only discovery.k8s.io/v1beta1
EndpointSlice was supported).
* [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to
discovered pods.
* [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch
OAuth2 tokens.
* [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.
* [ENHANCEMENT] Config: Support overriding minimum TLS version.
* [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.
* [BUGFIX] Fix OpenMetrics parser to sort uppercase labels
correctly.
* [BUGFIX] UI: Fix scrape interval and duration tooltip not
showing on target page.
* [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is
false.
* [BUGFIX] Agent: Fix ID collision when loading a WAL with
multiple segments.
* [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing
the queue.
- Upgrade to version 2.34.0
* [CHANGE] UI: Classic UI removed.
* [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based
tracing.
* [ENHANCEMENT] TSDB: Disable the chunk write queue by default and
allow configuration with the experimental flag
--storage.tsdb.head-chunks-write-queue-size.
* [ENHANCEMENT] HTTP SD: Add a failure counter.
* [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.
* [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.
* [ENHANCEMENT] Scrape: Log when an invalid media type is
encountered during a scrape.
* [ENHANCEMENT] Scrape: Accept
application/openmetrics-text;version=1.0.0 in addition to
version=0.0.1.
* [ENHANCEMENT] Remote-read: Add an option to not use external
labels as selectors for remote read.
* [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.
* [ENHANCEMENT] UI: Improve graph colors that were hard to see.
* [ENHANCEMENT] Config: Allow escaping of $ with $$ when using
environment variables with external labels.
* [BUGFIX] PromQL: Properly return an error from
histogram_quantile when metrics have the same labelset.
* [BUGFIX] UI: Fix bug that sets the range input to the
resolution.
* [BUGFIX] TSDB: Fix a query panic when
memory-snapshot-on-shutdown is enabled.
* [BUGFIX] Parser: Specify type in metadata parser errors.
* [BUGFIX] Scrape: Fix label limit changes not applying.
- Upgrade to version 2.33.5
* [BUGFIX] Remote-write: Fix deadlock between adding to queue and
getting batch.
- Upgrade to version 2.33.4
* [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the
disk.
- Upgrade to version 2.33.3
* [BUGFIX] Azure SD: Fix a regression when public IP Address isn't
set.
- Upgrade to version 2.33.2
* [BUGFIX] Azure SD: Fix panic when public IP Address isn't set.
* [BUGFIX] Remote-write: Fix deadlock when stopping a shard.
- Upgrade to version 2.33.1
* [BUGFIX] SD: Fix no such file or directory in K8s SD when not
running inside K8s.
- Upgrade to version 2.33.0
* [CHANGE] PromQL: Promote negative offset and @ modifer to stable
features.
* [CHANGE] Web: Promote remote-write-receiver to stable.
* [FEATURE] Config: Add stripPort template function.
* [FEATURE] Promtool: Add cardinality analysis to check metrics,
enabled by flag --extended.
* [FEATURE] SD: Enable target discovery in own K8s namespace.
* [FEATURE] SD: Add provider ID label in K8s SD.
* [FEATURE] Web: Add limit field to the rules API.
* [ENHANCEMENT] Remote-write: Avoid allocations by buffering
concrete structs instead of interfaces.
* [ENHANCEMENT] Remote-write: Log time series details for
out-of-order samples in remote write receiver.
* [ENHANCEMENT] Remote-write: Shard up more when backlogged.
* [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar
ingest performance.
* [ENHANCEMENT] TSDB: Avoid allocations when popping from the
intersected postings heap.
* [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding
latency spikes in remote-write.
* [ENHANCEMENT] TSDB: Improve label matching performance.
* [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.
* [ENHANCEMENT] UI: Optimize the target page and add a search bar.
* [BUGFIX] Promtool: Make exit codes more consistent.
* [BUGFIX] Promtool: Fix flakiness of rule testing.
* [BUGFIX] Remote-write: Update
prometheus_remote_storage_queue_highest_sent_timestamp_seconds
metric when write irrecoverably fails.
* [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.
* [BUGFIX] TSDB: CompactBlockMetas should produce correct
mint/maxt for overlapping blocks.
* [BUGFIX] TSDB: Fix logging of exemplar storage size.
* [BUGFIX] UI: Fix overlapping click targets for the alert state
checkboxes.
* [BUGFIX] UI: Fix Unhealthy filter on target page to actually
display only Unhealthy targets.
* [BUGFIX] UI: Fix autocompletion when expression is empty.
* [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.
- Fix authentication bypass by updating Prometheus Exporter Toolkit
to version 0.7.3 (CVE-2022-46146, bsc#1208049)
- Fix uncontrolled resource consumption by updating Go to version
1.20.1 (CVE-2022-41723, bsc#1208298)
- Restructure the spec to build web assets online
* Makefile
grafana:
- Update to version 9.5.8:
* Features and enhancements
GenericOAuth: Set sub as auth id
* Bug fixes:
DataSourceProxy: Fix url validation error handling
- Update to version 9.5.7:
Alerting: Sort NumberCaptureValues in EvaluationString
Alerting: Improve performance of matching captures
Alerting: No longer silence paused alerts during legacy
migration
Alerting: Remove and revert flag alertingBigTransactions
Alerting: Migrate unknown NoData\Error settings to the default
Tracing: supply Grafana build version
Tempo: Escape regex-sensitive characters in span name before
building promql query
Plugins: Only configure plugin proxy transport once
Alerting: Fix unique violation when updating rule group with
title chains/cycles
Prometheus: Version detect bug
Prometheus: Fix heatmap format with no data
Database: Change getExistingDashboardByTitleAndFolder to get
dashboard by title, not slug
Alerting: Convert 'Both' type Prometheus queries to 'Range' in
SQLStore: Fix Postgres dialect treating 'false' migrator
default as true
Alerting: Support newer http_config struct
InfluxDB: Interpolate retention policies
StatusHistory: Fix rendering of value-mapped null
Alerting: Fix provenance guard checks for Alertmanager
configuration to not cause panic when compared nested
objects
AnonymousAuth: Fix concurrent read-write crash
AzureMonitor: Ensure legacy properties containing template
variables are correctly migrated
Explore: Remove data source onboarding page
Dashboard: Re-align Save form
Azure Monitor: Fix bug that did not show alert rule preview
Histogram: Respect min/max panel settings for x-axis
Heatmap: Fix color rendering for value ranges < 1
Heatmap: Handle unsorted timestamps in calculate mode
Google Cloud Monitor: Fix mem usage for dropdown
AzureMonitor: Fix logs query multi-resource and timespan values
Utils: Reimplement util.GetRandomString to avoid modulo bias
Alerting: Fix matching labels with spaces in their values
Dashboard: Fix applying timezone to datetime variables
Dashboard: Fix panel description event triggering every time
panel is rendered
Tempo: Fix get label values based on CoreApp type
Heatmap: Fix log scale editor
Dashboard: Fix disappearing panel when viewed panel is
refreshed
Prometheus: Fix bug in creating autocomplete queries with
labels
Prometheus: Fix Query Inspector expression range value
Alerting: Fix migration failing if alert_configuration table is
not empty
InfluxDB: Fix querying retention policies on flux mode
- Update to version 9.5.6:
* Bug fixes
Dashboard: Fix library panels in collapsed rows not getting
updated
Auth: Add and document option for enabling email lookup
- Update to version 9.5.5:
Security: Fix authentication bypass using Azure AD OAuth
(bsc#1212641, CVE-2023-3128, jsc#PED-3694).
Auth: Show invite button if disable login form is set to false.
Azure: Fix Kusto auto-completion for Azure datasources.
RBAC: Remove legacy AC editor and admin role on new dashboard
route.
API: Revert allowing editors to access GET /datasources.
Settings: Add ability to override skip_org_role_sync with Env
variables.
- Update to version 9.5.3:
Query: Prevent crash while executing concurrent mixed queries
(bsc#1212099, CVE-2023-2801).
Alerting: Require alert.notifications:write permissions to test
receivers and templates (bsc#1212100, CVE-2023-2183).
- Update to version 9.5.2:
Alerting: Scheduler use rule fingerprint instead of version.
Explore: Update table min height.
DataLinks: Encoded URL fixed.
TimeSeries: Fix leading null-fill for missing intervals.
Dashboard: Revert fixed header shown on mobile devices in the
new panel header.
PostgreSQL: Fix TLS certificate issue by downgrading lib/pq.
Provisioning: Fix provisioning issues with legacy alerting and
data source permissions.
Alerting: Fix misleading status code in provisioning API.
Loki: Fix log samples using `instant` queries.
Panel Header: Implement new Panel Header on Angular Panels.
Azure Monitor: Fix bug that was not showing resources for
certain locations.
Alerting: Fix panic when reparenting receivers to groups
following an attempted rename via Provisioning.
Cloudwatch Logs: Clarify Cloudwatch Logs Limits.
- Update to 9.5.1
Loki Variable Query Editor: Fix bug when the query is updated
Expressions: Fix expression load with legacy UID -100
- Update to 9.5.0 (CVE-2023-1387, bsc#1210907, jsc#PED-3694)
* Breaking changes
- default named retention policies won't be used to query.
Users who have a default named retention policy in their
influxdb database, have to rename it to something else.
Having default named retention policy is not breaking
anything. We will make sure to use the actual default
retention policy under the hood. To change the hardcoded
retention policy in the dashboard.json, users must they
select the right retention policy from dropdown and save the
panel/dashboard.
- Grafana Alerting rules with NoDataState configuration set to
Alerting will now respect 'For' duration.
- Users who use LDAP role sync to only sync Viewer, Editor and
Admin roles, but grant Grafana Server Admin role manually
will not be able to do that anymore. After this change, LDAP
role sync will override any manual changes to Grafana Server
Admin role assignments. If grafana_admin is left unset in
LDAP role mapping configuration, it will default to false.
API keys: Add deprecation to api keys.
API: Enable serving Swagger UI by default and add docs and
guidelines.
API: Permit Cache-Control (browser caching) for datasource
resources.
Accessibility: Make row actions keyboard accessible.
Admin/Plugins: Set category filter in connections link.
Alerting: Add CustomDetails field in PagerDuty contact point.
Alerting: Add dashboard and panel links to rule and instance
annotations.
Alerting: Add filter and remove funcs for custom labels and
Alerting: Add fuzzy search to alert list view.
Alerting: Add metrics for active receiver and integrations.
Alerting: Better printing of labels.
Alerting: Create new state history 'fanout' backend that
dispatches to multiple other backends at once.
Alerting: Enable preview for recording rules.
Alerting: Fetch all applied alerting configurations.
Alerting: Introduce proper feature toggles for common state
history backend combinations.
Alerting: Make time range query parameters not required when
querying Loki.
Alerting: New notification policies view.
Alerting: No longer index state history log streams by
instance labels.
Alerting: Respect 'For' Duration for NoData alerts.
Alerting: Support filtering rules by multiple datasources.
Alerting: Switch to snappy-compressed-protobuf for outgoing
push requests to Loki.
Angular: Prevent angular from loading when disabled.
Auth: Add Generic oauth skip org role sync setting.
Auth: Add feature flag to move token rotation to client.
Auth: Show user sync external Authentication status.
Backend: Use sdk version 0.148.0.
Chore: Add stat for remote cache config.
Chore: Replace short UID generation with more standard UUIDs.
Chore: Use DOMPurify to sanitize strings rather than js-xss.
CloudMonitoring: Add possibility to use path for private key.
CloudWatch Logs: Update default timeout to 30m.
CloudWatch: Add AWS/IotSiteWise namespace and metrics.
CloudWatch: Add account support to variable queries.
CloudWatch: Make deeplinks work for us-gov and china regions.
Cloudwatch: Add MeteredIOBytes metric for EFS.
Command Palette: Display dashboard location.
Command palette: Enable folder searching.
Connections: Turn on feature toggle by default.
Cookies: Provide a mechanism for per user control over cookies.
Dashboard Datasource: Update Query List & Improve UX.
Dashboard: Add a feature that creates a table panel when a
spreadsheet file is dropped on the dashboard.
Dashboard: Add new visualization/row/library panel/pasted
panel is now a dropdown menu.
Dashboard: Add value format for requests per minute.
Dashboard: Empty/No Panels dashboard with a new design.
Dashboard: When dashboard is not found show message instead
of empty page.
Dashboards: Enable feature flag newPanelChromeUI by default.
Dataplane: Support timeSeriesLong without transform.
Datasources: Add user_agent header customization for outgoing
HTTP requests.
Datasources: Use getDefaultQuery in annotations editors.
Docs: Add documentation on how to debug backend plugins.
Docs: Deprecate dashboard previews.
Elasticsearch: Detect Elasticsearch version.
Elasticsearch: Run Explore queries trough data source backend.
Explore: Add range option to internal data links.
Explore: Add transformations to correlation data links.
Explore: Support mixed data sources for supplementary query.
Extensions: Expose an enum for available placements.
Feat: Changing link destination for get more plugins.
Feat: Linking to plugin details page rather than externally
for new datasources.
FieldMatchers: Add match by value (reducer).
Flame graph: Add context menu.
Flame graph: Add metadata above flame graph.
Geomap: Improve tooltip url for photos layer.
Geomap: Release night / day layer.
InfluxDB: Move database information into jsondata.
Jaeger and Zipkin: Config & docs upgrade.
LDAP: Allow setting minimum TLS version and accepted ciphers.
Live: Remove (alpha) ability to configure live pipelines.
Logger: Add feature toggle for errors in HTTP request logs.
Login: Allow custom name and icon for social providers.
Logs Panel: Refactor style generation to improve rendering
performance.
Logs: Add millisecond to timestamp in log line.
Logs: Rename dedup to deduplicate.
Loki Query Editor: Make Monaco the default editor.
Loki: Add unpack query builder hint.
Loki: Add descriptions to query builder operations.
Loki: Add placeholder to the loki query editor.
Loki: Always fetch for new label keys in the QueryBuilder.
Loki: Display error with label filter conflicts.
Loki: Improve the display of loki query stats.
MSSQL/Postgres: List views in table dropdown as well.
MSSQL: Update forked go-mssqldb dependency.
Metrics: Update comment to mention folders instead of
dashboards.
Navigation: Enable new navigation by default.
NodeGraph: Support icons for nodes.
Notifications: Enable display of trace ID by default.
Packaging: Start Grafana service after InfluxDB.
Panel Header: Add CancelQuery option to panel header.
Panel: Show multiple errors info in the inspector.
PanelChrome: Add option to show actions on the right side
(actions = leftItems).
Phlare: Allow variables in labelSelector (in query).
Plugin: Skip preloading disabled app plugins.
Plugins: Add optional logger for plugin requests sent to backend
plugins.
Plugins: Extend panel menu with commands from plugins.
Plugins: Extend panel menu with links from plugins.
Plugins: Improve instrumentation by adding metrics and tracing.
Plugins: Support for distributed tracing in backend plugins SDK.
Plugins: Support for link extensions.
Profiling: Enable flame graph & Phlare/Parca data sources for
all users.
Prometheus Datasource: Improve Prom query variable editor.
Prometheus Metrics: Add missing stat_total_teams metric.
Prometheus/Loki: Run query explicitly instead of onblur in panel
edit.
Prometheus: Browser resource caching.
Prometheus: Improve prometheus query variable editor.
Prometheus: Use $__rate_interval for rate queries generated by
metric browser.
Pubdash: Email sharing handle dashboard deleted.
PublicDashboards: Backfills share column with default value.
PublicDashboards: Configuration modal redesign.
PublicDashboards: Email sharing.
PublicDashboards: Enable creation when dashboard has template
variables.
PublicDashboards: Paused or deleted public dashboard screen.
QueryHistory: Improve handling of mixed datasource entries.
Rendering: Experimental support to use JWTs as auth method.
SQL Datasources: Add back help content.
Schema: Remove exclusion for timeseries and update imports.
Search: Improvements for starred dashboard search.
Select: Show icon in the grafana/ui Select component.
Service accounts: Creation logic simplification.
Service accounts: Remove Add API keys buttons and remove one
state of migrating for API keys tab.
SplitOpen: Update API to accept multiple queries.
Stat Panel: Add an option for a non-gradient/solid background.
Stat: Add ability to remove default single-color background
gradient.
SupportBundles: Add OAuth bundle collectors.
Table Panel: Add ability to use text color for value or hide
value in gauge cell.
Table: Introduce sparkline cell type.
Tempo: Config and doc updates.
Tempo: Update service graph view and docs.
TraceView: Add key and url escaping of json tag values.
TraceView: Reworked header.
Tracing: Add more detail to HTTP Outgoing Request.
Tracing: Docs and config improvements for Tempo/Jaeger/Zipkin.
Tracing: Support multiple OTel propagators.
Transformations: Support time format when converting time to
strings.
Transformers: Support adding the row index using calculate
field transformer.
Units: Format currency with negative before the symbol.
API: Fix 'Updated by' Column in dashboard versions table.
AccessControl: Allow editors to access GET /api/datasources.
Alerting: Add 'backend' label to state history writes metrics.
Alerting: Add alert instance labels to Loki log lines in
addition to stream labels.
Alerting: Elide requests to Loki if nothing should be recorded.
Alerting: Fix DatasourceUID and RefID missing for
DatasourceNoData alerts.
Alerting: Fix ambiguous handling of equals in labels when
bucketing Loki state history streams.
Alerting: Fix attachment of external labels to Loki state
history log streams.
Alerting: Fix creating a recording rule when having multiple
datasources.
Alerting: Fix explore link in alert detail view.
Alerting: Fix share URL for Prometheus rules on subpath.
Alerting: Fix stats that display alert count when using unified
alerting.
Alerting: Hide mute timing actions when dealing with vanilla
prometheus.
Alerting: Paginate result previews.
Alerting: Prometheus-compatible Alertmanager timings editor.
Alerting: Update scheduler to get updates only from database.
Alerting: Use a completely isolated context for state history
writes.
Alerting: Use displayNameFromDS if available in preview.
Annotation List: Fix panel not updating when variable is
changed.
Annotations: Ignore unique constraint violations for tags.
Auth: Fix orgrole picker disabled if isSynced user.
AzureMonitor: Fix Log Analytics portal links.
BrowseDashboards: Fix move to General folder not working.
Catalog: Show install error with incompatible version.
Chore: Update Grafana to use Alertmanager
v0.25.1-0.20230308154952-78fedf89728b.
CloudMonitoring: Add project selector for MQL editor[fix].
CloudWatch Logs: Fix running logs queries with expressions.
CloudWatch Logs: Fix to make log queries use a relative time if
available.
CloudWatch Logs: Revert 'Queries in an expression should run
synchronously'.
CloudWatch: Fix cachedQueries insights not being updated for
metric queries.
Cloudwatch: Pass refId from query for expression queries.
Dashboards: Evaluate provisioned dashboard titles in a
backwards compatible way.
Dashboards: Fix broken internal data links.
Database: Don't sleep 10ms before every request.
Elasticsearch: Fix processing of response with multiple group
by for alerting.
Elasticsearch: Handle multiple annotation structures.
Email: Mark HTML comments as 'safe' in email templates.
ErrorHandling: Fixes issues with bad error messages.
ErrorView: Better detection of no-data responses.
Explore: Make DataSourcePicker visible on small screens.
Fix: DataLinks from data sources override user defined data
link.
Fix: Top table rendering and update docs.
Frontend: Fix broken links in /plugins when pathname has a
trailing slash.
Geomap: Fix route layer zoom behavior.
Google Cloud Monitoring: Fix project variable.
HeatMap: Sort y buckets when all bucket names are numeric.
InfluxDB: Fix querying with hardcoded retention policy.
InfluxDB: Fix sending retention policy with InfluxQL queries.
KVStore: Include database field in migration.
LDAP: Always synchronize Server Admin role through role sync if
role sync is enabled.
Library panels: Ensure pagination controls are always correctly
displayed.
Loki: Fix autocomplete situations with multiple escaped quotes.
MegaMenu: Fixes mega menu showing scroll indicator when it
shouldn't.
Navigation: Redirect to root page when switching organization.
Navigation: Scrolled hamburger menu links now navigate correctly
in Safari.
NestedFolders: Fix nested folder deletion.
New Panel Header: Fix when clicking submenu item the parent
menu item onClick get's triggered.
Phlare: Fix error when there are no profileTypes to send from
backend.
PieChart: Show long labels properly.
PluginExtensions: Fixed issue with incorrect type being
exposed when configuring an extension.
Plugins: Ensure proxy route bodies are valid JSON.
Plugins: Fix width for README pages with tables.
Plugins: Markdown fetch retry with lowercase.
Plugins: Skip instrumenting plugin build info for core and
bundled plugins.
PublicDashboards: Query collapsed panels inside rows.
Query Splitting: Fix for handling queries with no requestId.
SQL Datasources: Fix variable throwing error if query returns no
data.
SQL Datasources: Prevent Call Stack Overflows with Large
Numbers of Values for Variable.
SQLStore: Fix SQLite error propagation if query retries are
disabled.
Stat Panel: Fix issue with clipping text values.
Table Panel: Fix panel migration for options cell type.
Table: Fix migrations from old angular table for cell color
modes.
Table: Fixes issue with pagination summary causing scrollbar.
Table: Fixes table panel gauge alignment.
TablePanel: Fix table cells overflowing when there are
multiple data links.
TablePanel: fix footer bug; no footer calculated values after
'hidden' column override.
Templating: Allow percent encoding of variable with custom all.
Tempo: Set default limit if none is provided for traceql
queries.
TimeSeries: Don't extend stepped interpolation to graph edges.
TimeSeries: Improve stacking direction heuristic.
Trace View: Update the queryType to traceql for checking if
same trace when clicking span link.
TraceView: Don't require preferredVisualisationType to render.
Utils: Reimplement util.GetRandomString to avoid modulo bias.
XYChart: Add all dataset columns in tooltip.
* Plugin development fixes & changes
DateTimePicker: Can now select time correctly.
Grafana UI: Fix tooltip prop of button component.
DateTimePicker: Add min date support to calendar.
GrafanaUI: Implement new component Toggletip.
ContextMenu: Fix padding and show border based on items.
- Update to 9.4.7 (2023-03-16)
Alerting: Update scheduler to receive rule updates only from
database.
Influxdb: Re-introduce backend migration feature toggle.
Security: Fixes for CVE-2023-1410.
The InfluxDB backend migration feature toggle
(influxdbBackendMigration) has been reintroduced in this
version as issues were discovered with backend processing of
InfluxDB data. Unless this feature toggle is enabled, all
InfluxDB data will be parsed in the frontend. This frontend
processing is the default behavior.
In Grafana 9.4.4, InfluxDB data parsing started to be handled
in the backend. If you have upgraded to 9.4.4 and then added
new transformations on InfluxDB data, those panels will fail to
render. To resolve this either:
Remove the affected panel and re-create it or
edit the `time` field as `Time` in `panel.json` or
`dashboard.json`
as the exporter toolkit has been updated by upstream
- Install wrapper scripts under /usr/sbin
- Install actual binaries under /usr/libexec/grafana (or /usr/lib
under older distributions) and create a simlink for wrapper
scripts and the service (which expect the binary to be under
/usr/share/grafana/bin)
- Update to 9.4.3
Alerting: Use background context for maintenance function.
- Update to 9.4.2
Alerting: Fix boolean default in migration from false to 0.
- Update to 9.4.0
Alerting: Add endpoint for querying state history.
Alerting: Add label query parameters to state history endpoint.
Alerting: Add static label to all state history entries.
Alerting: Mark AM configuration as applied.
Azure Monitor: Enable multiple resource queries.
Query Caching: Add per-panel query caching TTL.
Table: Add row number column option.
Tempo: Remove tempoApmTable feature flag.
Transformations: Selectively apply transformation to queries.
AccessControl: Clear user permission cache for update org user
role.
Alerting: Fix handling of special floating-point cases
when writing observed values to annotations.
Auth: Rotate token patch.
ContextMenu: Consider y coord when determining bottom
collision.
Elasticsearch: Fix consistent label order in alerting.
Explore: Fix graph not updating when changing config.
Heatmap: Support heatmap rows with non-timeseries X axis.
Login: Fix panic when a user is upserted by a background
process.
MSSQL: Add support for macro function calls.
MySQL: Quote identifiers that include special characters.
Navigation: Sign in button now works correctly when
served under a sub path.
Nested Folder: Fix for SQLite not to overwrite the parent on
restarts.
PanelChrome: Adds display mode to support transparent option.
Plugins: Case-sensitive routes for standalone pages.
Plugins: Prefer to use the data source UID when querying.
SQLStore: Fix folder migration for MySQL < 5.7.
Search: Fix not being able to clear sort value.
Tempo: Fix span name being dropped from the query.
PanelChrome: Implement hover header.
- Update to 9.3.7
Alerting: Validate that tags are 100 characters or less.
Expressions: Fixes the issue showing expressions editor.
Logs: Fix stats not being updated when log results change.
Plugins: Fix circular reference in customOptions leading
to MarshalJSON errors.
Time Series Panel: Fix legend text selection in Firefox.
- Update to 9.3.6
QueryEditorRow: Fixes issue loading query editor when
data source variable selected.
- Update to 9.3.4
Prometheus: Add default editor configuration.
TextPanel: Refactor to functional component.
Alerting: Fix webhook to use correct key for decrypting token.
Alerting: Set error annotation on EvaluationError regardless of
underlying error type.
Datasources: Fix Proxy by UID Failing for UIDs with a Hyphen.
Fix creating of span link with no tags.
Elasticsearch: Fix failing requests when using SigV4.
Elasticsearch: Fix toggle-settings are not shown correctly.
Explore: Be sure time range key bindings are mounted after
clear.
Explore: Unsync time ranges when a pane is closed.
Logs: Lines with long words do not break properly.
Loki: Fix misaligned derived fields settings.
Query Builder: Fix max width of input component to prevent
overflows.
Search: Auto focus input elements.
Search: Fix empty folder message showing when by starred
dashboards.
Table Panel: Fix image of image cell overflowing table cell and
cells ignoring text alignment setting when a data
link is added.
- Update to 9.3.2
Graphite: Process multiple queries to Graphite plugin.
API: Fix delete user failure due to quota not enabled.
Accessibility: Improved keyboard accessibility in BarGauge.
Accessibility: Improved keyboard accessibility in BigValue.
Alerting: Use the QuotaTargetSrv instead of the QuotaTarget in
quota check.
AzureMonitor: Automate location retrieval.
AzureMonitor: Fix bad request when setting dimensions.
BarChart: Fix value mappings.
Build: Streamline and sync dockerfiles.
Build: Unified dockerfile for all builds.
CloudWatch: Fix - make sure dimensions are propagated to alert
query editor.
Cloudwatch: Fix deeplink with default region.
Command Palette: Fix not being able to type if triggered
whilst another modal is open.
Command Palette: Maintain page state when changing theme.
Dashboards: Fix 'Make Editable' button not working in
Dashboard Settings.
Dashboards: Show error when data source is missing.
Datasource: Fix - apply default query also to queries in new
panels.
Dropdown: Menu now closes correctly when selecting
options on touch devices.
Influx: Query segment menus now position correctly near
the bottom of the screen.
Login: Fix failure to login a new user via an external
provider if quota are enabled.
Loki/Prometheus: Fix wrong queries executed in split view.
Loki: Fix wrongly escaped label values when using LabelFilter.
Navigation: Prevent app crash when importing a dashboard with a
uid of `home`.
Panel Edit: Fix data links edit icons being off screen when
provided title is too long.
Prometheus: Fix exemplar fill color to match series color in
time series.
Prometheus: Fix exemplars not respecting corresponding series
display status.
StateTimeline: Fix negative infinity legend/tooltip from
thresholds.
Table: Fixes row border style not showing and colored
rows blending together.
Tempo: Fix TraceQL autocomplete issues.
TimePicker: Prevent TimePicker overflowing viewport on small
screens.
TimeRangePicker: Fix recently ranges only not showing all recent
ranges.
TimeZonePicker: Scroll menu correctly when using keyboard
controls.
- Update to 9.3.1
Connections: Update 'Your connections/Data sources' page.
Accessibility: Increase badge constrast to be WCAG AA compliant.
- Update to 9.3.0
Alerting: Enable interpolation for notification policies in file
provisioning.
Azure Monitor Logs: Avoid warning when the response is empty.
Azure Monitor: Add support to customized routes.
Canvas: Add icon value mapping.
CloudWatch: Cross-account querying support.
Docs: Update `merge-pull-request.md` regarding backport
policies.
GaugePanel: Setting the neutral-point of a gauge.
Geomap: Improve location editor.
Internationalization: Enable internationalization by default.
Logs: Add `Download logs` button to log log-browser.
Loki: Add `gzip` compression to resource calls.
Loki: Add improvements to loki label browser.
Loki: Make label browser accessible in query builder.
Loki: Remove raw query toggle.
Middleware: Add CSP Report Only support.
Navigation: Prevent viewer role accessing dashboard
creation, import and folder creation.
OAuth: Refactor OAuth parameters handling to support
obtaining refresh tokens for Google OAuth.
Oauth: Display friendly error message when
role_attribute_strict=true and no valid role found.
Preferences: Add confirmation modal when saving org preferences.
PublicDashboards: Orphaned public dashboard deletion script
added.
Query Editor: Hide overflow for long query names.
Solo Panel: Configurable timezone.
TablePanel: Add support for Count calculation per column
or per entire dataset.
Tempo: Send the correct start time when making a TraceQL query.
Various Panels: Remove beta label from Bar Chart, Candlestick,
Histogram, State Timeline, & Status History
Panels.
Access Control: Clear user's permission cache after resource
creation.
Accessibility: Improve keyboard accessibility in
`AnnoListPanel`.
Accessibility: Improve keyboard accessibility in `Collapse`.
`GettingStarted` panel.
Accessibility: Improve keyboard accessibility of `FilterPill`.
Admin: Fix broken links to image assets in email templates.
Azure Monitor: Fix namespace selection for storageaccounts.
Calcs: Fix difference percent in legend.
DataLinks: Improve Data-Links AutoComplete Logic.
Explore: Fix a11y issue with logs navigation buttons.
Heatmap: Fix blurry text & rendering.
Heatmap: Fix tooltip y range of top and bottom buckets in
calculated heatmaps.
Logs: Fix misalignment of LogRows.
Navigation: Stop clearing search state when opening a
result in a new tab.
OptionsUI: SliderValueEditor does not get auto focused on
slider change.
PanelEdit: Fixes bug with not remembering panel options
pane collapse/expand state.
Quota: Fix failure in store due to missing scope parameters.
Quota: Fix failure when checking session limits.
StateTimeline: Prevent label text from overflowing state rects.
Tempo: Fix search table duration unit.
TraceView: Fix broken rendering when scrolling in Dashboard
panel in Firefox.
GrafanaUI: Add disabled option for menu items.
- Update to 9.2.4
Access Control: Add an endpoint for setting several managed
resource permissions.
Accessibility: Increase `Select` placeholder contrast to
be WCAG AA compliant.
Alerting: Append org ID to alert notification URLs.
Alerting: Make the Grouped view the default one for Rules.
Build: Remove unnecessary alpine package updates.
Google Cloud Monitoring: Set frame interval to draw null values.
Instrumentation: Expose when the binary was built as a gauge.
Loki: Preserve `X-ID-Token` header.
Search: Reduce requests in folder view.
TimeSeries: More thorough detection of negative values for
auto-stacking direction.
Alerting: Attempt to preserve UID from migrated legacy channel.
Alerting: Fix response is not returned for invalid Duration in
Provisioning API.
Alerting: Fix screenshot is not taken for stale series.
Auth: Fix admins not seeing pending invites.
MSSQL/Postgres: Fix visual query editor filter disappearing.
Tempo: Fix dropdown issue on tag field focus.
Timeseries: Fix null pointer when matching fill below to field.
Toolkit: Fix Webpack less-loader config.
- Update to 9.2.3
Docs: Add information about DB version support to upgrade guide.
Footer: Update footer release notes link to Github changelog.
Prometheus: Do not drop errors in streaming parser.
Prometheus: Flavor/version configuration.
Prometheus: Provide label values match parameter API when
supported prometheus instance is configured.
Security: Upgrade x/text to version unaffected by
CVE-2022-32149.
Auth: Fix GF_AUTH_JWT_URL_LOGIN env variable doesn't work.
Live: Explicitly reply with http 200.
Prometheus: Fix builder operation mode changing
multiselect to single select behaviour.
Security: Fix vulnerabilities in webpack loader-utils.
- Update to 9.2.2
Alerting: Add support for wecom apiapp.
Canvas: Improve resource picker initialization.
Canvas: Improve text element readability.
CloudWatch: Make sure adoption tracking is done on valid,
migrated queries.
Dashboard: Alerts user to incorrect tag format for JSON import.
MSSQL: Support tables from all schemas.
Opentsdb: Allow template variables for filter keys.
QueryEditor: Revert components from grafana-ui.
Browse: Fix General folder not showing in FolderPicker.
Elasticsearch: Fix calculation of trimEdges in alert mode.
Elasticsearch: Fix trimEdges delete logic in alert mode.
GoogleOAuth: Unlock User Admin UI.
LogContext: Fix wrong color of `show context` icon in light
theme.
Loki: Fix adding of adhoc filters to stream selector when query
with empty stream selector.
Loki: Fix double stringified log-lines when copied via Copy
button.
Loki: Fix explain section about $\_\_interval variable.
Loki: Remove already selected options from next label filter
options in builder.
NodeGraph: Fix rendering issues when values of arc are over 1.
PublicDashboards: Fix hidden queries execution.
Tempo: Fix Node Graph visualization type in dashboard.
TimeSeries: Fix stacking when first value is negative zero.
TimeseriesPanel: Fix variables in data links.
User: Fix externalUserId not being populated.
We added some components a bit too early to @grafana/ui in 9.2
so we are moving them back to @grafana/experimental. If you
used any of these components
AccessoryButton
EditorFieldGroup
EditorHeader
EditorField
EditorRow
EditorList
EditorRows
EditorSwitch
FlexItem
Stack
InlineSelect
InputGroup
Space
Please use them from grafana/experimental from now on.
- Update to 9.2.1
Alerting: Improve notification policies created during
migration.
AzureAD: Add option to force fetch the groups from the
Graph API.
Docs: Note end of release notes publication.
Inspect: Handle JSON tab crash when the provided object
is too big to stringify.
TablePanel: Footer now updates values on column filtering.
Alerting: Fix email image embedding on Windows.
Alerting: Fix mathexp.NoData for ConditionsCmd.
Legacy Alerting: Fix duration calculation when testing a rule.
Loki: Propagate additional headers from Grafana to Loki
when querying data.
Search: Sort alphabetically in the folder view, increase
the limit of the folder search from 50 to 1000.
TablePanel: Fix last table column to be centered.
Grafana UI: Export prop types for queryfield, modal and field
components.
Toolkit: Fix `Cannot use import statement outside...` error in
tests.
- Update to 9.2.0
Alerting: Add Notification error feedback on contact points
view.
Alerting: Allow created by to be manually set when
there's no creator for silences.
Alerting: Expose info about notification delivery errors
in a new /receivers endpoint.
Alerting: Update imported prometheus alertmanager version.
Alerting: Write and Delete multiple alert instances.
Core: Implement aria attributes for query rows, improve a11y.
DevEnv: Adds docker block for clickhouse.
Docker: removes unneccesary use of edge repo.
Explore: Revert split pane resize feature.
Frontend: Make local storage items propagate to different tabs
immediately.
PublicDashboards: Allow disabling an existent public dashboard
if it.
QueryEditorRow: Only pass error to query editor if panel
is not in a loading state.
XYChart: Beta release.
Alerting: Start ticker only when scheduler starts.
Alerting: Fix pq: missing FROM-clause for table 'a'.
AzureMonitor: Correctly update subscriptions value in ARG
editor.
Chore: Regenerate swagger specification and fix validation
failures.
Correlations: Only return correlation for which both
source and target datasources exist.
Explore: Prevent panes from disappearing when resizing
window in split view.
Links: Fix opening links from different orgs on the same tab.
LogContext: Fix scroll position in upper context group.
Logs: Show copy button independently from context.
Loki/Prometheus: Fix adding of ad hoc filters when
jumping from dashboard to explore.
Loki: Add support for range aggregations with by grouping.
Loki: Fix label-value escaping in context query.
Loki: Fix redundant escaping in adhoc filter with regex match.
PanelEdit: Fixes resize pane border and spacing issues.
RBAC: Redirect to /login when forceLogin is set.
Security: Fix CVE-2022-27664.
StateTimeline: Fix tooltip showing erroneously in shared
crosshair dashboards.
Tempo: Fix unexpected trimming of leading zeroes in traceID.
Tracing: Fix bug where errors are not reported to OpenTelemetry.
- Update to 9.1.8
Alerting: Fix evaluation interval validation.
Alerting: Fix migration to create rules with group index 1.
Alerting: Fix migration to not add label 'alertname'.
Azure Monitor: Fix empty Logs response for Alerting.
Azure Monitor: Fix subscription selector when changing data
sources.
Google Cloud Monitoring: Fix bucket bound for distributions.
- Update to 9.1.7
CloudWatch: Add missing AWS/Prometheus metrics.
Explore: Add feature tracking events.
Graphite: Add error information to graphite queries tracing.
Prometheus: Restore FromAlert header.
Search: Add search index configuration options.
Thresholds: Add option for dashed line style.
Alerting: Fix default query's data source when no default
datasource specified.
Alerting: Fix mathexp.NoData cannot be reduced.
Alerting: Skip unsupported file types on provisioning.
AzureMonitor: Ensure resourceURI template variable is migrated.
Dashboard: Fix plugin dashboard save as button.
Docs: Fix decimals: auto docs for panel edit.
Fix: RBAC handle `error no resolver` found.
LibraryPanelSearch: Refactor and fix hyphen issue.
Live: Fix live streaming with `live-service-web-worker` feature
flag enabled.
QueryField: Fix wrong cursor position on autocomplete.
- Update to 9.1.6
DataSource: Adding possibility to hide queries from the
inspector.
Inspect: Hide Actions tab when it is empty.
PanelMenu: Remove hide legend action as it was showing on
all panel types.
Provisioning Contact points: Support disableResolveMessage via
YAML.
PublicDashboards: Support subpaths when generating pubdash url.
Alerting: Fix legacy migration crash when rule name is too long.
Alerting: Fix send resolved notifications.
Azure Monitor: Fix migration issue with MetricDefinitionsQuery
template variable query types.
Browse: Hide dashboard actions if user does not have enough
permission.
ElasticSearch: Fix dispatching queries at a wrong time.
Panel: Disable legends when showLegend is false prior to
schema v37.
Prometheus: Fix metadata requests for browser access mode.
Search: Avoid requesting all dashboards when in Folder View.
TablePanel/StatPanel: Fix values not being visible when
background transparent.
- Update to 9.1.5
Alerting: Sanitize invalid label/annotation names for external
alertmanagers.
Alerting: Telegram: Truncate long messages to avoid send error.
DisplayProcessor: Handle reverse-ordered data when auto-showing
millis.
Heatmap: Add option to reverse color scheme.
PluginLoader: Alias slate-react as @grafana/slate-react.
Search: Add substring matcher, to bring back the old
dashboard search behavior.
Traces: More visible span colors.
Alerting: Fix incorrect propagation of org ID and other
fields in rule provisioning endpoints.
Alerting: Resetting the notification policy tree to the default
policy will also restore default contact points.
AzureMonitor: Fix custom namespaces.
AzureMonitor: Fix issue where custom metric namespaces
are not included in the metric namespace list.
CloudWatch: Fix display name of metric and namespace.
Cloudwatch: Fix annotation query serialization issue.
Dashboard: Fix issue where unsaved changes warning would appear
even after save, and not being able to change library
panels.
Dashboard: Hide overflow content for single left pane.
Loki: Fix a bug where adding adhoc filters was not possible.
- Update to 9.1.4
GrafanaUI: Fixes Chrome issue for various query fields.
- Update to 9.1.3
API: Do not expose user input in datasource error responses.
Library Panel: Allow to delete them when deprecated.
Plugins Catalog: Allow to filter plugins using special
characters.
Alerting: Fix UI bug when setting custom notification
policy group by.
AppRootPage: Fix issue navigating between two app plugin pages.
Correlations: Use correct fallback handlers.
RBAC: Fix deleting empty snapshots.
LibraryElements: Fix inability to delete library panels
under MySQL.
Metrics: fix `grafana_database_conn_*` metrics, and add
new `go_sql_stats_*` metrics as eventual replacement.
TestData DB: Fix node graph not showing when the `Data type`
field is set to `random`.
* Deprecations
The `grafana_database_conn_*` metrics are deprecated, and will
be removed in a future version of Grafana. Use the
`go_sql_stats_*` metrics instead.
- Update to 9.1.2
AdHoc variable: Correctly preselect datasource when provisioning.
AzureMonitor: Added ARG query function for template variables.
Dashboards: Persist details message when navigating through
dashboard save drawer's tabs.
Dashboards: Correctly migrate mixed data source targets.
Elasticsearch: Use millisecond intervals for alerting.
Elasticsearch: Use millisecond intervals in frontend.
Geomap: Local color range.
Plugins Catalog: Use appSubUrl to generate plugins catalog urls.
Rendering: Add support for renderer token.
Alerting: Fix saving of screenshots uploaded with a signed url.
AngularPanels: Fixing changing angular panel options not taking
having affect when coming back from panel edit.
Explore: Improve a11y of query row collapse button.
Geomap: Fix tooltip display.
QueryEditorRow: Filter data on mount.
Search: Show all dashboards in the folder view.
Tracing: Fix the event attributes in opentelemetry tracing.
GrafanaUI: Fix styles for invalid selects & DataSourcePicker.
- Update to 9.1.1
Cloud Monitoring: Support SLO burn rate.
Schema: Restore 'hidden' in LegendDisplayMode.
Timeseries: Revert the timezone(s) property name change back to
singular.
Alerting: Fix links in Microsoft Teams notifications.
Alerting: Fix notifications for Microsoft Teams.
Alerting: Fix width of Adaptive Cards in Teams notifications.
ColorPickerInput: Fix popover in disabled state.
Decimals: Fixes auto decimals to behave the same for
positive and negative values.
Loki: Fix unique log row id generation.
Plugins: Fix file extension in development authentication guide.
TimeSeries: Fix jumping legend issue.
TimeSeries: Fix memory leak on viz re-init caused by
KeyboardPlugin.
TimePicker: Fixes relative timerange of less than a day not
displaying.
GrafanaUI: Fixes ClipboardButton to always keep multi line
content.
- Update to 9.1.0
API: Allow creating teams with a user defined identifier.
Alerting: Adds interval and For to alert rule details.
Alerting: Extend PUT rule-group route to write the entire
rule group rather than top-level fields only.
Alerting: Use Adaptive Cards in Teams notifications.
Azure Monitor: Add Network Insights Dashboard.
Chore: Improve logging of unrecoverable errors.
Correlations: Add UpdateCorrelation HTTP API.
Dashboard: Reverted the changes of hiding multi-select
and all variable in the datasource picker.
Geomap: Add alpha day/night layer.
Geomap: Add measuring tools.
GrafanaUI: Add success state to ClipboardButton.
Heatmap: Replace the heatmap panel with new implementation.
KVStore: Allow empty value in kv_store.
Prometheus: Promote Azure auth flag to configuration.
Search: Display only dashboards in General folder of
Search Folder View.
Status history/State timeline: Support datalinks.
Transform: Add a limit transform.
Transformations: Add standard deviation and variance reducers.
API: Fix snapshot responses.
Access Control: Fix permission error during dashboard
creation flow.
Access Control: Set permissions for Grafana's test data source.
Alerting: Fix migration failure.
BarGauge: Show empty bar when value, minValue and
maxValue are all equal.
Dashboard: Fix color of bold and italics text in panel
description tooltip.
Loki: Fix passing of query with defaults to code mode.
Loki: Fix producing correct log volume query for query
with comments.
Loki: Fix showing of unusable labels field in detected fields.
Tracing: Fix OpenTelemetry Jaeger context propagation.
Alerting: AlertingProxy to elevate permissions for request
forwarded to data proxy when RBAC enabled.
Plugins: Only pass `rootUrls` field in request when not empty.
Alert notifications to Microsoft Teams now use Adaptive Cards
instead of Office 365 Connector Cards.
Starting at 9.1.0, existing heatmap panels will start using a
new implementation. This can be disabled by setting the
`useLegacyHeatmapPanel` feature flag to true. It can be
tested on a single dashbobard by adding
`?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.
The most notable changes are:
Significantly improved rendering performance
When calculating heatmaps, the buckets are now placed on
reasonable borders (1m, 5m, 30s etc)
Round cells are no longer supported
- Update to 9.0.9
AuthNZ: Security fixes for CVE-2022-35957 and CVE-2022-36062.
- Update to 9.0.8
Alerting: Hide 'no rules' message when we are fetching
from data sources.
Alerting: AlertingProxy to elevate permissions for
request forwarded to data proxy when RBAC enabled.
- Update to 9.0.7
CloudMonitoring: Remove link setting for SLO queries.
GrafanaUI: Render PageToolbar's leftItems regardless of
title's presence.
- Update to 9.0.6
Access Control: Allow org admins to invite new users to
their organization.
Grafana/toolkit: Fix incorrect image and font generation
for plugin builds.
Prometheus: Fix adding of multiple values for regex operator.
UI/Card: Fix card items always having pointer cursor.
- Update to 9.0.5
Access control: Show dashboard settings to users who can
edit dashboard.
Alerting: Allow the webhook notifier to support a custom
Authorization header.
Plugins: Add signature wildcard globbing for dedicated
private plugin type.
Prometheus: Don't show errors from unsuccessful API
checks like rules or exemplar checks.
Access control: Allow organisation admins to add existing
users to org.
Alerting: Fix alert panel instance-based rules filtering.
Apps: Fixes navigation between different app plugin pages.
Cloudwatch: Upgrade grafana-aws-sdk to fix auth issue
with secret keys.
Loki: Fix `show context` not working in some occasions.
RBAC: Fix permissions on dashboards and folders created
by anonymous users.
- Update to 9.0.4
Browse/Search: Make browser back work properly when
visiting Browse or search.
Logs: Improve getLogRowContext API.
Loki: Improve handling of empty responses.
Plugins: Always validate root URL if specified in
signature manfiest.
Preferences: Get home dashboard from teams.
SQLStore: Support Upserting multiple rows.
Traces: Add more template variables in Tempo & Zipkin.
Traces: Remove serviceMap feature flag.
Access Control: Fix missing folder permissions.
Access control: Fix org user removal for OSS users.
Alerting: Fix Slack notifications.
Alerting: Preserve new-lines from custom email templates
in rendered email.
Log: Fix text logging for unsupported types.
Loki: Fix incorrect TopK value type in query builder.
- Update to 9.0.3
Access Control: Allow dashboard admins to query org users.
Alerting: Add method to provisioning API for obtaining a
group and its rules.
Alerting: Allow filtering of contact points by name.
Alerting: Disable /api/admin/pause-all-alerts with
Unified Alerting.
Annotations: Use point marker for short time range annotations.
AzureMonitor: Update UI to experimental package.
AzureMonitor: Update resource and namespace metadata.
CloudWatch: Remove simplejson in favor of 'encoding/json'.
DashboardRow: Collapse shortcut prevent to move the
collapsed rows.
Navigation: Highlight active nav item when Grafana is
served from subpath.
Plugins: InfluxDB datasource - set epoch query param
value as 'ms'.
Plugins: InfluxDB update time range query.
StateTimeline: Try to sort time field.
API: Do not validate/save legacy alerts when saving a
dashboard if legacy alerting is disabled.
Alerting: Add method to reset notification policy tree
back to the default.
Alerting: Fix Teams notifier not failing on 200 response
with error.
Alerting: Fix bug where state did not change between
Alerting and Error.
Alerting: Fix consistency errors in OpenAPI documentation.
Alerting: Fix normalization of alert states for panel
Alerting: Provisioning API respects global rule quota.
CSRF: Fix additional headers option.
Chore: Bump parse-url to 6.0.2 to fix security vulnerabilities.
Chore: Fix CVE-2020-7753.
Chore: Fix CVE-2021-3807.
Chore: Fix CVE-2021-3918.
Chore: Fix CVE-2021-43138.
Chore: Fix CVE-2022-0155.
Dashboard: Fixes tooltip issue with TimePicker and Setting buttons.
Dashboard: Prevent unnecessary scrollbar when viewing
single panel.
Logs: Fixed wrapping log lines from detected fields.
Loki: Add missing operators in label filter expression.
Loki: Fix error when changing operations with different parameters.
Loki: Fix suggesting of correct operations in query builder.
Plugins: InfluxDB variable interpolation fix for
influxdbBackendMigration feature flag.
SQLstore: Fix fetching an inexistent playlist.
Security: Fixes for CVE-2022-31107 and CVE-2022-31097.
Snapshots: Fix deleting external snapshots when using RBAC.
Table: Fix scrollbar being hidden by pagination.
Templating: Changing between variables with the same name
now correctly triggers a dashboard refresh.
Time series panel: Fix an issue with stacks being not complete
due to the incorrect data frame length.
- Update to 9.0.2
Alerting: Add support for images in Pushover alerts.
Alerting: Don't stop the migration when alert rule tags
are invalid.
Alerting: Skip the default data source if incompatible.
AzureMonitor: Parse non-fatal errors for Logs.
OAuth: Restore debug log behavior.
Plugins: Improved handling of symlinks.
Alerting: Code-gen parsing of URL parameters and fix
related bugs.
Annotations: Fix annotation autocomplete causing panels
to crash.
Barchart: Fix warning not showing.
CloudWatch: Enable custom session duration in AWS plugin auth.
Dashboards: Fixes issue with the initial panel layout
counting as an unsaved change.
Plugins: Use a Grafana specific SDK logger implementation
for core plugins.
Search: Fix pagination in the new search page.
- Update to 9.0.1
Alerting: Add support for image annotation in
Alertmanager alerts.
Alerting: Add support for images in SensuGo alerts.
Alerting: Add support for images in Threema alerts.
Alerting: Adds Mimir to Alertmanager data source implementation.
Alerting: Invalid setting of enabled for unified alerting
should return error.
AzureMonitor: Clean namespace when changing the resource.
AzureMonitor: Update supported namespaces and filter
resources by the right type.
CLI: Allow relative symlinks in zip archives when
installing plugins.
Dashboard: Don't show unsaved changes modal for automatic
schema changes.
Dashboard: Unsaved changes warning should not trigger
when only pluginVersion has changed.
Expression: Execute hidden expressions.
Geomap: Support showing tooltip content on click (not
just hover).
Heatmap: Remove alpha flag from new heatmap panel.
Instrumentation: Define handlers for requests that are
not handled with named handlers.
Log Panel: Improve log row hover contrast and visibility.
Logs: Handle backend-mode errors in histogram.
Loki: Do not show histogram for instant queries.
Loki: Handle data source configs with path in the url.
Loki: Handle invalid query type values.
OAuth: Redirect to login if no oauth module is found or
if module is not configured.
OptionsUI: Move internal options editors out of @grafana/ui.
Prometheus: Don't show undefined for step in collapsed
options in query editor when value is 'auto'.
Prometheus: Show query patterns in all editor modes for
Prometheus and Loki.
Tempo: Add link to Tempo Search with node service selected.
Time Series Panel: Add Null Filling and 'No Value' Support.
TimeSeries: Add an option to set legend width.
Timeseries: Improve cursor Y sync behavior.
Traces: Do not use red in span colors as this looks like
an error.
Alerting: Fix AM config overwrite when SQLite db is
locked during sync.
Alerting: Fix alert instances filtering for prom rules.
Alerting: Fix alert rule page crashing when datasource
contained URL unsafe characters.
Alerting: Fix automatically select newly created folder option.
Alerting: Fix removal of notification policy without
labels matchers.
CloudWatch: Allow hidden queries to be executed in case
an ID is provided.
Dashboard: Prevent non-repeating panels being dropped
from repeated rows when collapsed/expanded.
Dashboards: Fix folder picker not showing correct results
when typing too fast.
Datasource: Prevent panic when proxying for non-existing
data source.
Explore: Fix log context scroll to bottom.
Explore: Revert 'Remove support for compact format URLs'.
Expressions: Fixes dashboard schema migration issue that casued
Expression datasource to be set on panel level.
Formatting: Fixes valueFormats for a value of 0.
GrafanaData: Fix week start for non-English browsers.
LibraryPanel: Resizing a library panel to 6x3 no longer
crashes the dashboard on startup.
LogRow: Fix placement of icon.
Loki: Fix bug in labels framing.
Loki: Fix issues with using query patterns.
Loki: Fix showing of duplicated label values in dropdown
in query builder.
MSSQL: Fix ParseFloat error.
Panels: Fixes issue with showing 'Cannot visualize data'
when query returned 0 rows.
Playlists: Disable Create Playlist buttons for users with
viewer role.
Plugins: Fix typo in plugin data frames documentation.
Prometheus: Fix body not being included in resource calls
if they are POST.
RolePicker: Fix submenu position on horizontal space overflow.
Tracing: Fix trace links in traces panel.
Support for compact Explore URLs is deprecated and will be
removed in a future release. Until then, when navigating to
Explore using the deprecated format the URLs are
automatically converted. If you have existing links pointing
to Explore update them using the format generated by Explore
upon navigation. You can identify a compact URL by its
format. Compact URLs have the left (and optionally right) url
parameter as an array of strings, for example
`&left=['now-1h','now'...]`. The standard explore URLs follow
a key/value pattern, for example
`&left={'datasource':'test'...}`. Please be sure to check
your dashboards for any hardcoded links to Explore and update
them to the standard URL pattern.
- Update to 9.0.0
API: Add GET /api/annotations/:annotationId endpoint.
API: Add endpoint for updating a data source by its UID.
AccessControl: Add enterprise only setting for rbac
permission cache.
AccessControl: Document basic roles changes and provisioning V2.
AccessControl: Enable RBAC by default.
AddDataSourceConfig: Remove deprecated checkHealth prop.
Alerting: Add Image URLs to Microsoft Teams notifier.
Alerting: Add RBAC actions and role for provisioning API routes.
Alerting: Add Screenshot URLs to Pagerduty Notifier.
Alerting: Add a 'Reason' to Alert Instances to show
underlying cause of state.
Alerting: Add a general screenshot service and
alerting-specific image service.
Alerting: Add image url or file attachment to email
notifications.
Alerting: Add image_urls to OpsGenie notification details.
Alerting: Add notification policy flow chart.
Alerting: Attach image URL to alerts in Webhook notifier format.
Alerting: Attach image URLs or upload files to Discord
Alerting: Attach image URLs to Google Chat notifications.
Alerting: Attach screenshot data to Unified Alerting
Alerting: Create folder for alerting when start from the
scratch.
Alerting: Modify alertmanager endpoints for proxying
using the datasource UID.
Alerting: Modify endpoint for testing a datasource rule
using the UID.
Alerting: Modify prometheus endpoints for proxying using
the datasource UID.
Alerting: State Manager takes screenshots.
Alerting: Use UID scope for folders authorization.
Alerting: modify ruler endpoints for proxying using the
datasource UID.
Angular: Adds back two angular directives that are still
used by remaining angular bits and plugins.
Azure Monitor: Add Resource Picker to Metrics Queries.
Azure Monitor: Add search feature to resource picker.
AzureMonitor: Add support for selecting multiple options when
using the equals and not equals dimension filters.
AzureMonitor: Remove deprecated code.
Build: Change names to PascalCase to match.
Chore: Remove deprecated DataSourceAPI methods.
Chore: Upgrade typescript to 4.6.4.
Cloud Monitoring: Use new annotation API.
CloudMonitoring: Allow to set a custom value or disable
graph_period.
CloudWatch: Add generic filter component to variable editor.
CloudWatch: Added missing AWS/AppRunner metrics.
CloudWatch: Enable support for dynamic labels with
migrated alias patterns.
Cloudwatch: Pass label in deep link.
Cloudwatch: Use new annotation API.
Dashboard: Validate dashboards against schema on save.
DashboardPickerByID: Add option to exclude dashboards.
DashboardPickerById: Add optionLabel prop.
Dashboards: Display values of 0 with the configured
decimal places.
Data: Remove deprecated types and functions from valueMappings.
Elasticsearch: Remove browser access mode.
Elasticsearch: Remove support for versions after their
end of the life (<7.10.0).
Encryption: Add support for multiple data keys per day.
Encryption: Enable envelope encryption by default.
Explore: Remove support for legacy, compact format URLs.
Explore: Skip Angular error handling when Angular support
is disabled.
Explore: simplify support for multiple query editors.
FeatureToggles: Support changing feature toggles with URL
parameters.
FileUpload: Make component accessible by keyboard navigation.
Formatting: Make SI number formats more robust.
Graph: Deprecate Graph (old) and make it no longer a
visualization option for new panels.
IconButton: IconButtons are now correctly aligned in Safari.
Logger: Enable new logging format by default.
Loki: Add more query patterns.
Loki: Enable new visual query builder by default.
Loki: use the same dataframe-format for both live and
normal queries.
OAuth: Make allowed email domain case insensitive.
Panels: Use the No value option when showing the no data
message.
Plugins: Remove plugin list panel.
Query History: Enable new query history by default.
QueryEditorRow: Show query errors next to query in a
consistent way across Grafana.
SAML: Implement Name Templates for
assertion_attribute_name option.
Service accounts: Do not display service accounts
assigned to team.
Settings: Use Grafana Azure SDK to pass Azure env vars
for external plugins.
Shortcuts: Add shortcut to show shortcuts to the list of
shortcuts.
Traces Panel: Add new Traces Panel visualization.
Traces: Filter by service/span name and operation in
Tempo and Jaeger.
Transformations: Allow more complex regex expressions
in `Rename by regex`.
grafana/ui: Add default type='button' to <Button>.
Alerting: Fix database unavailable removes rules from scheduler.
AzureMonitor: Fix auto-selection of time-grain for metrics.
DataSources: Fixes issue with expressions not being queried.
GraphNG: Fix thresholds by color not following data update.
Jaeger: Update operations dropdown.
Login: Fix mismatching label on auth_module in user list.
Playlists: Save button now correctly creates a new playlist.
RBAC: Fix migrations running in the wrong order causing
inheritance problem in enterprise.
ServiceAccounts: Add identifiable token prefix to service
account tokens.
Traces: Fix missing CopyButton on KeyValueTables and
overlapping of panels.
`setExploreQueryField`, `setExploreMetricsQueryField` and
`setExploreLogsQueryField` are now deprecated and will be
removed in a future release. If you need to set a different
query editor for Explore, conditionally render based on
`props.app` in your regular query editor.
Chore: Remove react-testing-lib from bundles.
Select: Portal menu by default.
The `@grafana/ui` package helper function
`selectOptionInTest` used in frontend tests has been removed
as it caused testing libraries to be bundled in the
production code of Grafana. If you were using this helper
function in your tests please update your code accordingly:
```js
// before
import { selectOptionInTest } from '@grafana/ui';
// ...test usage
await selectOptionInTest(selectEl, 'Option 2');
// after
import { select } from 'react-select-event';
await select(selectEl, 'Option 2',
{ container: document.body });
```
Removed deprecated `checkHealth` prop from the `@grafana/e2e`
`addDataSource` config. Previously this value defaulted to
`false`, and has not been used in end-to-end tests since
Grafana 8.0.3.
Removes the deprecated `LegacyBaseMap`, `LegacyValueMapping`,
`LegacyValueMap`, and `LegacyRangeMap` types, and
`getMappedValue` function from grafana-data. Migration is as
follows:
| Old | New |
| -------------------- | ----------------------- |
| `LegacyBaseMap` | `MappingType` |
| `LegacyValueMapping` | `ValueMapping` |
| `LegacyValueMap` | `ValueMap` |
| `LegacyRangeMap` | `RangeMap` |
| `getMappedValue` | `getValueMappingResult` |
This change fixes a bug in Grafana where intermittent failure
of database, network between Grafana and the database, or
error in querying the database would cause all alert rules to
be unscheduled in Grafana. Following this change scheduled
alert rules are not updated unless the query is successful.
The `get_alert_rules_duration_seconds` metric has been
renamed to `schedule_query_alert_rules_duration_seconds`.
Any secret (data sources credential, alert manager
credential, etc, etc) created or modified with Grafana v9.0
won't be decryptable from any previous version (by default)
because the way encrypted secrets are stored into the
database has changed. Although secrets created or modified
with previous versions will still be decryptable by Grafana
v9.0.
If required, although generally discouraged, the
`disableEnvelopeEncryption` feature toggle can be enabled to
keep envelope encryption disabled once updating to Grafana
In case of need to rollback to an earlier version of Grafana
(i.e. Grafana v8.x) for any reason, after being created or
modified any secret with Grafana v9.0, the
`envelopeEncryption` feature toggle will need to be enabled
to keep backwards compatibility (only from `v8.3.x` a bit
unstable, from `8.5.x` stable).
As a final attempt to deal with issues related with the
aforementioned situations, the `grafana-cli admin
secrets-migration rollback` command has been designed to
move back all the Grafana secrets encrypted with envelope
encryption to legacy encryption. So, after running that
command it should be safe to disable envelope encryption
and/or roll back to a previous version of Grafana.
Alternatively or complementarily to all the points above,
backing up the Grafana database before updating could be a
good idea to prevent disasters (although the risk of getting
some secrets corrupted only applies to those updates/created
with after updating to Grafana v9.0).
According to the dynamic labels documentation, you can use up
to five dynamic values per label. There’s currently no such
restriction in the alias pattern system, so if more than 5
patterns are being used the GetMetricData API will return an
error.
Dynamic labels only allow \${LABEL} to be used once per
query. There’s no such restriction in the alias pattern
system, so in case more than 1 is being used the
GetMetricData API will return an error.
When no alias is provided by the user, Grafana will no longer
fallback with custom rules for naming the legend.
In case a search expression is being used and no data is
returned, Grafana will no longer expand dimension values, for
instance when using a multi-valued template variable or star
wildcard `*` in the dimension value field.
Time series might be displayed in a different order. Using
for example the dynamic label `${PROP('MetricName')}`, might
have the consequence that the time series are returned in a
different order compared to when the alias pattern
`{{metric}}` is used
In Elasticsearch, browser access mode was deprecated in
grafana 7.4.0 and removed in 9.0.0. If you used this mode,
please switch to server access mode on the datasource
configuration page.
Environment variables passed from Grafana to external Azure
plugins have been renamed:
`AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`
`AZURE_MANAGED_IDENTITY_ENABLED` renamed to
`GFAZPL_MANAGED_IDENTITY_ENABLED`
`AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to
`GFAZPL_MANAGED_IDENTITY_CLIENT_ID`
There are no known plugins which were relying on these
variables. Moving forward plugins should read Azure settings
only via Grafana Azure SDK which properly handles old and new
environment variables.
Removes support for for ElasticSearch versions after their
end-of-life, currently versions < 7.10.0. To continue to use
ElasticSearch data source, upgrade ElasticSearch to version
7.10.0+.
Application Insights and Insight Analytics queries in Azure
Monitor were deprecated in Grafana 8.0 and finally removed in
9.0. Deprecated queries will no longer be executed.
grafana/ui: Button now specifies a default type='button'
The `Button` component provided by @grafana/ui now specifies
a default `type='button'` when no type is provided.
In previous versions, if the attribute was not specified for
buttons associated with a `<form>` the default value was
`submit` per the specification. You can preserve the old
behavior by explicitly setting the type attribute:
`<Button type='submit' />`
The `Rename by regex` transformation has been improved to
allow global patterns of the form `/<stringToReplace>/g`.
Depending on the regex match used, this may cause some
transformations to behave slightly differently. You can
guarantee the same behaviour as before by wrapping the
`match` string in forward slashes (`/`), e.g. `(.*)` would
become `/(.*)/`
`<Select />` menus will now portal to the document body by
default. This is to give more consistent behaviour when
positioning and overlaying. If you were setting
`menuShouldPortal={true}` before you can safely remove that
prop and behaviour will be the same. If you weren't
explicitly setting that prop, there should be no visible
changes in behaviour but your tests may need updating. If you
were setting `menuShouldPortal={false}` this will continue to
prevent the menu from portalling.
Grafana alerting endpoint prefixed with `api/v1/rule/test`
that tests a rule against a Corte/Loki data source now
expects the data source UID as a path parameter instead of
the data source numeric identifier.
Grafana alerting endpoints prefixed with `api/prometheus/`
that proxy requests to a Cortex/Loki data source now expect
the data source UID as a path parameter instead of the data
source numeric identifier.
Grafana alerting endpoints prefixed with `api/ruler/` that
proxy requests to a Cortex/Loki data source now expect the
data source UID as a path parameter instead of the data
Grafana alerting endpoints prefixed with `api/alertmanager/`
that proxy requests to an Alertmanager now expect the data
source UID as a path parameter instead of the data source
numeric identifier.
The format of log messages have been updated, `lvl` is now
`level` and `eror`and `dbug` has been replaced with `error`
and `debug`. The precision of timestamps has been increased.
To smooth the transition, it is possible to opt-out of the
new log format by enabling the feature toggle `oldlog`.
This option will be removed in a future minor release.
In the Loki data source, the dataframe format used to
represent Loki logs-data has been changed to a more efficient
format. The query-result is represented by a single dataframe
with a 'labels' column, instead of the separate dataframes
for every labels-value. When displaying such data in explore,
or in a logs-panel in the dashboard will continue to work
without changes, but if the data was loaded into a different
dashboard-panel, or Transforms were used, adjustments may be
necessary. For example, if you used the 'labels to fields'
transformation with the logs data, please switch to the
'extract fields' transformation.
- Update to version 8.5.22:
* Fix XSS in Graphite functions tooltip
(bsc#1209645, CVE-2023-1410)
- Update to version 8.5.21:
* Apply attribute sanitation to GeomapPanel
(bsc#1208821, CVE-2023-0507)
* Avoid storing XSS in TraceView panel
(bsc#1208819, CVE-2023-0594)
* Login: Fix panic when UpsertUser is called without ReqContext
- Fix basic authentication bypass by updating the exporter toolkit
to version 0.7.3 (bsc#1208065, CVE-2022-46146).
- Require Go 1.19 or newer (bsc#1208293, CVE-2022-41723)
- Update to version 8.5.20:
* Security: SVG: Add dompurify preprocessor step
(bsc#1207749, CVE-2022-23552)
* Security: Snapshots: Fix originalUrl spoof security issue
(bsc#1207750, CVE-2022-39324)
* Security: Omit error from http response
* Bug fix: Email and username trimming and invitation validation
- Update to version 8.5.15 (jsc#PED-2617):
* Security: Fix for privilege escalation
(bsc#1205225, CVE-2022-39306)
* Security: Omit error from http response when user does not
exists (bsc#1205227, CVE-2022-39307)
- Update to version 8.5.14:
* Security: Fix do not forward login cookie in outgoing requests
(bsc#1204303, CVE-2022-39201)
* Security: Make proxy endpoints not leak sensitive HTTP headers
(bsc#1204305, CVE-2022-31130)
* Security: Fix plugin signature bypass (bsc#1204302, CVE-2022-31123)
* Security: Fix blocknig other users from signing in (bsc#1204304,
CVE-2022-39229)
- Update to version 8.5.13 (jsc#PED-2145):
+ Features and enhancements:
* Plugins: Expose emotion/react to plugins to prevent load
failures
+ Bug fix:
* AuthNZ: Security fixes for (bsc#1203596, CVE-2022-36062) and
(bsc#1203597, CVE-2022-35957)
- Update to version 8.5.11:
* Rendering: Add support for renderer token
* Alerting: AlertingProxy to elevate permissions for request
forwarded to data proxy when RBAC enabled
- Update to version 8.5.10
+ Bug fixes (8.5.10):
* RBAC: Fix Anonymous Editors missing dashboard controls.
#52649, @gamab
+ Bug fixes (8.5.9):
* Security: Fixes for CVE-2022-31107 and CVE-2022-31097.
#52238, @xlson
+ Bug fixes (8.5.6):
* Dashboard: Fixes random scrolling on time range change.
#50379, @torkelo
* Security: Fixes minor code scanning security warnings in old
vendored javascript libs. #50382, @torkelo
+ Features and enhancements (8.5.5):
* Azure Monitor: Include datasource ref when interpolating
variables. #49543, @kevinwcyu
* CloudWatch: Add multi-value template variable support for log
group names in logs query builder. #49737, @kevinwcyu
* Cloudwatch: Add template variable query function for listing
log groups. #50100, @yaelleC
+ Bug fixes (8.5.5):
* Alerting: Do not overwrite existing alert rule condition.
#49920, @gillesdemey
* Alerting: Remove double quotes from matchers. #50044,
@alexweav
+ Features and enhancements (8.5.4):
* Alerting: Remove disabled flag for data source when migrating
alerts. #48559, @yuri-tceretian
* Alerting: Show notification tab of legacy alerting only to
editor. #49624, @yuri-tceretian
* Alerting: Update migration to migrate only alerts that belong
to existing org\dashboard. #49192, @yuri-tceretian
* AzureMonitor: Do not quote variables when a custom 'All'
variable option is used. #49428, @andresmgot
* AzureMonitor: Update allowed namespaces. #48468,
@jcolladokuri
* CloudMonitor: Correctly encode default project response.
#49510, @aangelisc
* Cloudwatch: Add support for new AWS/RDS EBS* metrics.
#48798, @szymonpk
* InfluxDB: Use backend for influxDB by default via feature
toggle. #48453, @yesoreyeram
* Legend: Use correct unit for percent and count calculations.
#49004, @dprokop
* LokI: use millisecond steps in Grafana 8.5.x. #48630, @gabor
* Plugins: Introduce HTTP 207 Multi Status response to
api/ds/query. #48550, @wbrowne
* Transformations: Add an All Unique Values Reducer. #48653,
@josiahg
* Transformers: avoid error when the ExtractFields source field
is missing. #49368, @wardbekker
* [v8.5.x] Alerting: Update migration to migrate only alerts
that belong to existing org\dashboard. #49199, @grafanabot
+ Bug fixes (8.5.4):
* Alerting: Allow disabling override timings for notification
policies. #48648, @gillesdemey
* Alerting: Allow serving images from custom url path. #49022,
@gillesdemey
* Alerting: Apply Custom Headers to datasource queries. #47860,
@joeblubaugh
* Alerting: Fix RBAC actions for notification policies. #49185,
@yuri-tceretian
* Alerting: Fix access to alerts for viewer with editor
permissions when RBAC is disabled. #49270, @yuri-tceretian
* Alerting: Fix anonymous access to alerting. #49203,
* Alerting: correctly show all alerts in a folder. #48684,
* AzureMonitor: Fixes metric definition for Azure Storage
queue/file/blob/table resources. #49101, @aangelisc
* Dashboard: Fix dashboard update permission check. #48746,
@IevaVasiljeva
* DashboardExport: Fix exporting and importing dashboards where
query data source ended up as incorrect. #48410, @torkelo
* FileUpload: clicking the Upload file button now opens their
modal correctly. #48766, @ashharrison90
* GrafanaUI: Fix color of links in error Tooltips in light
theme. #49327, @joshhunt
* LibraryPanels: Fix library panels not connecting properly in
imported dashboards. #49161, @joshhunt
* Loki: Improve unpack parser handling. #49074, @gabor
* RolePicker: Fix menu position on smaller screens. #48429,
@Clarity-89
* TimeRange: Fixes updating time range from url and browser
history. #48657, @torkelo
* TimeSeries: Fix detection & rendering of sparse datapoints.
#48841, @leeoniya
* Timeseries: Fix outside range stale state. #49633, @ryantxu
* Tooltip: Fix links not legible in Tooltips when using light
theme. #48748, @joshhunt
* Tooltip: Sort decimals using standard numeric compare.
#49084, @dprokop
* Transforms: Labels to fields, fix label picker layout.
#49304, @torkelo
* Variables: Fixes issue with data source variables not
updating queries with variable. #49478, @torkelo
* [v8.5.x] Alerting: Fix RBAC actions for notification policies
(#49185). #49348, @yuri-tceretian
* [v8.5.x] Alerting: Fix access to alerts for viewer with
editor permissions when RBAC is disabled. #49427, @konrad147
* [v8.5.x] Alerting: Fix anonymous access to alerting. #49268,
+ Breaking changes (8.5.4):
For a data source query made via /api/ds/query:
If the DatasourceQueryMultiStatus feature is enabled and
The data source response has an error set as part of the
DataResponse, the resulting HTTP status code is now 207
Multi Status instead of 400 Bad gateway
If the DatasourceQueryMultiStatus feature is not enabled and
DataResponse, the resulting HTTP status code is 400 Bad
Request (no breaking change)
--> Issue #48550
+ Bug fixes (8.5.3):
* Security: fixes CVE-2022-29170. #49240, @xlson
+ Features and enhancements (8.5.2):
* Alerting: Add safeguard for migrations that might cause
dataloss. #48526, @JohnnyQQQQ
* AzureMonitor: Add support for not equals and startsWith
operators when creating Azure Metrics dimension filters.
#48077, @aangelisc
* Elasticsearch: Add deprecation notice for < 7.10 versions.
#48506, @ivanahuckova
* Traces: Filter by service/span name and operation in Tempo
and Jaeger. #48209, @joey-grafana
+ Bug fixes (8.5.2):
* AzureAd Oauth: Fix strictMode to reject users without an
assigned role. #48474, @kyschouv
* CloudWatch: Fix variable query tag migration. #48587, @iwysiu
* Plugins: Ensure catching all appropriate 4xx api/ds/query
scenarios. #47565, @wbrowne
+ Bug fixes (8.5.1):
* Azure Monitor: Fix space character encoding for metrics query
link to Azure Portal. #48139, @kevinwcyu
* CloudWatch: Prevent log groups from being removed on query
change. #47994, @asimpson
* Cloudwatch: Fix template variables in variable queries.
#48140, @iwysiu
* Explore: Prevent direct access to explore if disabled via
feature toggle. #47714, @Elfo404
* InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram
* Navigation: Prevent navbar briefly showing on login. #47968,
@ashharrison90
* Plugins Catalog: Fix styling of hyperlinks. #48196, @marefr
* Table: Fix filter crashes table. #48258, @zoltanbedi
* TimeSeries: Properly stack series with missing datapoints.
#48321, @leeoniya
+ Features and enhancements (8.5.0):
* Alerting: Add contact points provisioning API. #47197,
@JohnnyQQQQ
* Alerting: Add resolved count to notification title when both
firing and resolved present. #46697, @JacobsonMT
* Alerting: Alert rule should wait For duration when execution
error state is Alerting. #47052, @grobinson-grafana
* Alerting: Classic conditions can now display multiple values.
#46971, @gotjosh
* Alerting: Display query from grafana-managed alert rules on
/api/v1/rules. #45969, @gotjosh
* Alerting: Enhance support for arbitrary group names in
managed alerts. #47785, @gillesdemey
* Alerting: add field for custom slack endpoint. #45751,
@nathanrodman
* Azure Monitor : Adding json formatting of error messages in
Panel Header Corner and Inspect Error Tab. #44877, @yaelleC
* Azure Monitor: Add 2 more Curated Dashboards for VM Insights.
#45187, @jcolladokuri
* CloudWatch: Handle new error codes for MetricInsights.
#47033, @Gabrielopesantos
* Dashboards: show changes in save dialog. #46557, @ryantxu
* DataSource: Default data source is no longer a persisted
state but just the default data source for new panels.
#45132, @torkelo
* DataSourcePlugin API: Allow queries import when changing data
source type. #47435, @dprokop
* Explore: Remove return to panel button. #45018, @gelicia
* Explore: allow users to save Explore state to a new panel in
a new dashboard. #45148, @Elfo404
* Instrumentation: Proxy status code correction and various
improvements. #47473, @marefr
* Logging: Introduce feature toggle to activate gokit/log
format. #47336, @ying-jeanne
* NewsPanel: Add support for Atom feeds. #45390, @kaydelaney
* Plugins: Add deprecation notice for /api/tsdb/query endpoint.
#45238, @wbrowne
* Plugins: Adding support for traceID field to accept
variables. #45559, @vinisdl
* PostgreSQL: __unixEpochGroup to support arithmetic expression
as argument. #46764, @s0nik42
* Profile/Help: Expose option to disable profile section and
help menu. #46308, @cameronwaterman
* Prometheus: Enable new visual query builder by default.
#46634, @torkelo
* SAML: Allow disabling of SAML signups. #47481, @mmandrus
* SAML: Allow disabling of SAML signups. (Enterprise)
* Table: New pagination option. #45732, @zoltanbedi
* TablePanel: Add cell inspect option. #45620, @dprokop
* Tempo / Trace Viewer: Support Span Links in Trace Viewer.
#45632, @Shachi16
* Tempo: Download span references in data inspector. #47074,
@connorlindsey
* Tempo: Separate trace to logs and loki search datasource
config. #46655, @connorlindsey
* Trace View: Show number of child spans. #44393, @tharun208
* Transformations: Support escaped characters in key-value pair
parsing. #47901, @aangelisc
+ Bug fixes (8.5.0):
* Azure Monitor: Bug Fix for incorrect variable cascading for
template variables. #47478, @jcolladokuri
* CloudWatch: List all metrics properly in SQL autocomplete.
#45898, @sunker
* CloudWatch: Run query on blur in logs query field. #47454,
@fridgepoet
* Dashboard: Template variables are now correctly persisted
when clicking breadcrumb links. #46790, @ashharrison90
* DashboardPage: Remember scroll position when coming back
panel edit / view panel. #47639, @torkelo
* Panel Edit: Options search now works correctly when a
logarithmic scale option is set. #47927, @ashharrison90
* Postgres: Return tables with hyphenated schemes. #45754,
@zuchka
* Table panel: Fix horizontal scrolling when pagination is
enabled. #47776, @dprokop
* Variables: Ensure variables in query params are correctly
recognised. #47049, @ashharrison90
* Variables: Fix crash when changing query variable datasource.
#44957, @joshhunt
* Visualizations: Stack negative-valued series downwards.
#47373, @leeoniya
+ Breaking changes (8.5.0):
For a proxied request, e.g. Grafana's datasource or plugin
proxy: If the request is cancelled, e.g. from the browser/by
the client, the HTTP status code is now 499 Client closed
request instead of 502 Bad gateway If the request times out,
e.g. takes longer time than allowed, the HTTP status code is
now 504 Gateway timeout instead of 502 Bad gateway. Issue
#47473 The change in behavior is that negative-valued series
are now stacked downwards from 0 (in their own stacks), rather
than downwards from the top of the positive stacks. We now
automatically group stacks by Draw style, Line interpolation,
and Bar alignment, making it impossible to stack bars on top of
lines, or smooth lines on top of stepped lines. Issue #47373
The meaning of the default data source has now changed from
being a persisted property in a panel. Before when you selected
the default data source for a panel and later changed the
default data source to another data source it would change all
panels who were configured to use the default data source. From
now on the default data source is just the default for new
panels and changing the default will not impact any currently
saved dashboards. Issue #45132 The Tooltip component provided
by @grafana/ui is no longer automatically interactive (that is
you can hover onto it and click a link or select text). It will
from now on by default close automatically when you mouse out
from the trigger element. To make tooltips behave like before
set the new interactive property to true.
+ Deprecations (8.5.0):
/api/tsdb/query API has been deprecated and will be removed in
a future release. Use /api/ds/query instead. Issue #45238
+ Plugin development fixes & changes (8.5.0):
* Card: Increase clickable area when meta items are present.
#47935, @ashharrison90
* Loki: Fix operator description propup from being shortened.
#46575, @glintik
* Tooltips: Make tooltips non interactive by default. #45053,
@torkelo
+ Features and enhancements (8.4.7):
* CloudWatch: Added missing MemoryDB Namespace metrics. #47290,
@james-deee
* Histogram Panel: Take decimal into consideration. #47330,
@mdvictor
* TimeSeries: Sort tooltip values based on raw values. #46738,
@dprokop
+ Bug fixes (8.4.7):
* API: Include userId, orgId, uname in request logging
middleware. #47183, @marefr
* Elasticsearch: Respect maxConcurrentShardRequests datasource
setting. #47120, @alexandrst88
+ Features and enhancements (8.4.5):
* Instrumentation: Make backend plugin metrics endpoints
available with optional authentication. #46467, @marefr
* Table panel: Show datalinks for cell display modes JSON View
and Gauge derivates. #46020, @mdvictor
+ Bug fixes (8.4.5):
* Azure Monitor: Small bug fixes for Resource Picker. #46665,
@sarahzinger
* Logger: Use specified format for file logger. #46970, @sakjur
* Logs: Handle missing fields in dataframes better. #46963,
@gabor
* ManageDashboards: Fix error when deleting all dashboards from
folder view. #46877, @joshhunt
+ Features and enhancements (8.4.4):
* Loki: Add unpack to autocomplete suggestions (#44623).
#46573, @glintik
* Plugins: allow using both Function and Class components for
app plugins. #46148, @leventebalogh
* TimeSeries: Add migration for Graph panel's transform series
override. #46577, @dprokop
* TimeSeries: Preserve null/undefined values when performing
negative y transform. #46584, @dprokop
+ Bug fixes (8.4.4):
* CloudWatch: Use default http client from aws-sdk-go. #46370,
@sunker
* Dashboards: Fixes repeating by row and no refresh. #46565,
* Gauge: Fixes blank viz when data link exists and orientation
was horizontal. #46335, @torkelo
* Search: sort results correctly when using postgres. #46466,
@xlson
* TagsInput: fix tags remove button accessibility issues.
#46254, @Elfo404
* TextPanel: Sanitize after markdown has been rendered to html.
#46166, @ashharrison90
+ Features and enhancements (8.4.3):
* Alerting: Grafana uses > instead of >= when checking the For
duration. #46010
* Alerting: Use expanded labels in dashboard annotations.
#45726, @grobinson-grafana
* Logs: Escape windows newline into single newline. #45771,
@perosb
+ Bug fixes (8.4.3):
* Alerting: Fix use of > instead of >= when checking the For
duration. #46011, @grobinson-grafana
* Azure Monitor: Fixes broken log queries that use workspace.
#45820, @sunker
* CloudWatch: Remove error message when using multi-valued
template vars in region field. #45886, @sunker
* Middleware: Fix IPv6 host parsing in CSRF check. #45911,
@ying-jeanne
+ Plugin development fixes & changes (8.4.3):
* ClipboardButton: Use a fallback when the Clipboard API is
unavailable. #45831, @ashharrison90
+ Features and enhancements (8.4.2):
* OAuth: Add setting to skip org assignment for external
users. #34834, @baez90
* Tracing: Add option to map tag names to log label names in
trace to logs settings. #45178, @connorlindsey
+ Bug fixes (8.4.2):
* Explore: Fix closing split pane when logs panel is
used. #45602, @ifrost
+ Features and enhancements (8.4.1):
* Cloudwatch: Add support for AWS/PrivateLink* metrics and
dimensions. #45515, @szymonpk
* Configuration: Add ability to customize okta login button
name and icon. #44079, @DanCech
* Tempo: Switch out Select with AsyncSelect component to get
loading state in Tempo Search. #45110, @CatPerry
+ Bug fixes (8.4.1):
* Alerting: Fix migrations by making send_alerts_to field
nullable. #45572, @santihernandezc
+ Features and enhancements (8.4.0):
* API: Extract OpenAPI specification from source code using
go-swagger. #40528, @papagian
* AccessControl: Disable user remove and user update roles when
they do not have the permissions. #43429, @Jguer
* AccessControl: Provisioning for teams. #43767, @gamab
* API: Add usage stats preview endpoint. #43899, @Jguer
* Alerting: Move slow queries in the scheduler to another
goroutine. #44423, @grobinson-grafana
* Alerting: Use time.Ticker instead of alerting.Ticker in
ngalert. #44395, @grobinson-grafana
* Alerting: add custom grouping to Alert Panel. #44559,
* Analytics: Add user id tracking to google analytics.
#42763, @autoric
* Angular: Add AngularJS plugin support deprecation plan to
docs site. #45149, @torkelo
* Auth: implement auto_sign_up for auth.jwt. #43502, @sakjur
* Azure Monitor Logs: Order subscriptions in resource picker by
name. #45228, @sunker
* Azure monitor Logs: Optimize data fetching in resource
picker. #44549, @sunker
* AzureMonitor: Filter list of resources by resourceType.
#43522, @andresmgot
* BarChart: color by field, x time field, bar radius, label
skipping. #43257, @leeoniya
* Chore: Implement OpenTelemetry in Grafana. #42674, @idafurjes
* Cloud Monitoring: Adds metric type to Metric drop down
options. #43268, @tw1nk
* CloudWatch: Add Data Lifecycle Manager metrics and dimension.
#43310, @ilyastoli
* CloudWatch: Add Missing Elasticache Host-level metrics.
#43455, @dhendo
* CloudWatch: Add all ElastiCache Redis Metrics. #43336,
@siavashs
* CloudWatch: Add new AWS/ES metrics. #43034, @sunker
* Cloudwatch: Add syntax highlighting and autocomplete for
'Metric Search'. #43985, @sarahzinger
* Explore: Support custom display label for exemplar links for
Prometheus datasource. #42732, @JokerQueue
* Hotkeys: Make time range absolute/permanent. #43802, @davkal
* Playlists: Enable sharing direct links to playlists. #44161,
* SQLStore: Prevent concurrent migrations. #44101, @papagian
* SSE: Add Mode to drop NaN/Inf/Null in Reduction operations.
#43583, @kylebrandt
* Setting: Support configuring feature toggles with bools
instead of just passing an array. #43326, @bergquist
* TimeSeries: Add support for negative Y and constant
transform. #44774, @dprokop
* Transformations: Add 'JSON' field type to
ConvertFieldTypeTransformer. #42624, @sd2k
+ Bug fixes (8.4.0):
* Auth: Guarantee consistency of signed SigV4 headers.
#45054, @wbrowne
* CloudWatch: Fix MetricName resetting on Namespace change.
#44165, @yaelleC
* Cloudwatch : Fixed reseting metric name when changing
namespace in Metric Query. #44612, @yaelleC
* Explore: Avoid locking timepicker when range is inverted.
#44790, @Elfo404
* Instrumentation: Fix HTTP request instrumentation of
authentication failures. #44234, @marefr
* LibraryPanels: Prevent long descriptions and names from
obscuring the delete button. #45190, @zuchka
* OAuth: Fix parsing of ID token if header contains non-string
value. #44159, @marefr
* Panel Edit: Visualization search now works correctly with
special characters. #45137, @ashharrison90
* Provisioning: Fix duplicate validation when multiple
organizations have been configured. #44151, @marefr
* QueryField: Fix issue with undo history when suggestion is
inserted (#28656). #39114, @glintik
* TablePanel: Do not prefix columns with frame name if multiple
frames and override active. #45174, @mdvictor
+ Deprecations (8.4.0):
AngularJS plugin support is now in a deprecated state, meaning
it will be removed in a future release. Currently, that is
planned for version 10 (in 2023). The documentation site has an
article with more details on why, when, and how. Issue #45149
- Update to version 8.3.10
+ Security:
* Fixes XSS vulnerability in the Unified Alerting
(bsc#1201535, CVE-2022-31097)
* Fixes OAuth account takeover vulnerability
(bsc#1201539, CVE-2022-31107)
- Update to version 8.3.9
+ Bug fixes:
* Geomap: Display legend
* Prometheus: Fix timestamp truncation
- Update to version 8.3.7
* Provisioning: Ensure that the default value for orgID is set
when provisioning datasources to be deleted.
- Update to version 8.3.6
* Cloud Monitoring: Reduce request size when listing labels.
* Explore: Show scalar data result in a table instead of graph.
* Snapshots: Updates the default external snapshot server URL.
* Table: Makes footer not overlap table content.
* Tempo: Add request histogram to service graph datalink.
* Tempo: Add time range to tempo search query behind a feature flag.
* Tempo: Auto-clear results when changing query type.
* Tempo: Display start time in search results as relative time.
* CloudMonitoring: Fix resource labels in query editor.
* Cursor sync: Apply the settings without saving the dashboard.
* LibraryPanels: Fix for Error while cleaning library panels.
* Logs Panel: Fix timestamp parsing for string dates without timezone.
* Prometheus: Fix some of the alerting queries that use reduce/math operation.
* TablePanel: Fix ad-hoc variables not working on default datasources.
* Text Panel: Fix alignment of elements.
* Variables: Fix for constant variables in self referencing links.
- Update _constraints to require at least 5GB, because with less we
can't build it.
- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422,
jsc#SLE-24565)
+ Security: Fixes CVE-2021-43813 and CVE-2021-43815,
bsc#1193686.
+ Security: Fixes CVE-2021-43798, bsc#1193492.
+ Security: Fixes CVE-2021-41244, bsc#1192763.
+ Security: Fixes CVE-2021-41174, bsc#1192383.
fix CVE-2021-3711, bsc#1189520.
* Security: Update dependencies to fix CVE-2021-36222,
bsc#1188571.
mgr-push:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.6-1
* Remove unused makefiles
- Version 4.4.5-1
* Use http to connect to localhost server
* Use bundle CA certificate in rhnpush
- Version 4.4.4-1
* remove pylint check at build time
- Version 4.4.3-1
* Ensure installation of make for building
- Version 4.4.2-1
* Update translation strings
- Version 4.4.1-1
* Bump version to 4.4.0
prometheus-blackbox_exporter:
- Use obscpio for go modules service
- Set version number
- Set build date from SOURCE_DATE_EPOCH
- Update to 0.24.0 (bsc#1212279, jsc#PED-4556)
* Requires go1.19
- Drop:
- Avoid empty validation script
- Add rc symlink for backwards compatibility
- Fix authentication bypass via cache poisoning
(CVE-2022-46146, bsc#1208062)
- Add `min_version` parameter of `tls_config` to allow enabling
TLS 1.0 and 1.1 (bsc#1209113)
- On SUSE Linux Enterprise build always with Go >= 1.19 (bsc#1203599)
- Build with go1.18 only for SLE-15-SP3 and
build with >= go1.19 on higher SP (bsc#1203599)
- Require go1.18 (bsc#1203599, GH#19127)
- Exclude s390 arch
- Fix %pre section to avoid empty content
- Updated to allow building on older rpmbuild.
- Enhanced to build on Enterprise Linux 8
prometheus-postgres_exporter:
- CVE-2022-46146: Fix authentication bypass via cache poisoning (bsc#1208060)
- Remove duplicated call to systemd requirements
- Do not build debug if RHEL >= 8
- Do not strip if SUSE Linux Enterprise 15 SP3
- Build at least with with Go >= 1.18 on RHEL
- Build with Go >= 1.20 elsewhere
- Adapt the systemd service security configuration
to be able to start it on RHEL systems and clones
- Create the prometheus user for RHEL systems and clones
- Fix _service to pull correct version
- Use go_modules source service
- Upgrade to version 0.10.1:
* Fix broken log-level for values other than debug (bsc#1208965)
- Version/release lines above first usage of those macros.
gh#uyuni-project/uyuni#5418
- Prevent empty %pre section
- Exclude s390 builds
- Updated for RHEL8.
python-hwdata:
- Declare the LICENSE file as license and not doc
python-pyvmomi:
- Preparing submission to SUSE:SLE-15-SP3:Update as part of ECO PED-3623.
rhnlib:
- Version 5.0.1-1
* Specify a packager for Debian like distros
- Version 4.4.6-1
* Remove unused makefiles
- Version 4.4.5-1
* Use bundle CA certificate in rhnpush
- Version 4.4.4-1
* Only use TLSv1+ for SSL connections
- Version 4.4.3-1
* Ensure installation of make for building
- Version 4.4.2-1
* Don't get stuck at the end of SSL transfers (bsc#1204032)
- Version 4.4.1-1
* Bump version to 4.4.0
spacecmd:
- Version 5.0.1-1
* Use localhost without ssl when running on the server
- Version 4.4.10-1
* Update translation strings
- Version 4.4.9-1
- Version 4.4.8-1
* Add spacecmd function: cryptokey_update
* Bypass traditional systems check on older SUMA instances (bsc#1208612)
* fix argument parsing of distribution_update (bsc#1210458)
- Version 4.4.7-1
* remove pylint check at build time
* Display activation key details after executing the corresponding command (bsc#1208719)
* Show targetted packages before actually removing them (bsc#1207830)
- Version 4.4.6-1
* Fix spacecmd not showing any output for softwarechannel_diff
and softwarechannel_errata_diff (bsc#1207352)
- Version 4.4.5-1
* Prevent string api parameters to be parsed as dates if not in
ISO-8601 format (bsc#1205759)
* Add python-dateutil dependency, required to process date values in
spacecmd api calls
* Remove python3-simplejson dependency
- Version 4.4.4-1
* Correctly understand 'ssm' keyword on scap scheduling
* Add vendor_advisory information to errata_details call (bsc#1205207)
* Change default port of 'Containerized Proxy configuration' 8022
- Version 4.4.3-1
* Added two missing options to schedule product migration: allow-vendor-change
and remove-products-without-successor (bsc#1204126)
* Changed schedule product migration to use the correct API method
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
* Added a warning message for traditional stack deprecation
* Remove 'Undefined return code' from debug messages (bsc#1203283)
- Version 4.4.2-1
* Stop always showing help for valid proxy_container_config calls
- Version 4.4.1-1
* Process date values in spacecmd api calls (bsc#1198903)
* Improve Proxy FQDN hint message
- Version 4.3.14-1
* Fix missing argument on system_listmigrationtargets (bsc#1201003)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
* Change proxy container config default filename to end with tar.gz
- Version 4.3.13-1
- Version 4.3.12-1
- Version 4.3.11-1
* on full system update call schedulePackageUpdate API (bsc#1197507)
spacewalk-client-tools:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.7-1
* Remove unused and deprecated/removed platform.dist import.
- Version 4.4.6-1
* Update translation strings
* Tito requires to list the package source as %{name}-%{version}.tar.gz
- Version 4.4.5-1
* remove mgr-virtualization usage
* remove dependency to suseRegisterInfo
- Version 4.4.4-1
- Version 4.4.3-1
- Version 4.4.2-1
- Version 4.4.1-1
- Version 4.3.11-1
- Version 4.3.10-1
supportutils-plugin-salt:
- Update to version 1.2.2
* Remove possible passwords from Salt configuration files (bsc#1201059)
- Update to version 1.2.1
* Remove ERROR messages on Salt client systems
- Declare the LICENSE file as license and not doc
- Update to version 1.2.0
* Add support for Salt Bundle
supportutils-plugin-susemanager-client:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.2-1
* write configured crypto-policy in supportconfig
* add cloud and payg checks
- Version 4.4.1-1
* Bump version to 4.4.0
- Version 4.3.2-1
* Add proxy containers config and logs
uyuni-common-libs:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.4-1
* Workaround for python3-debian bug about collecting control file (bsc#1211525, bsc#1208692)
* Accept missing rhn.conf file
* Use context manager for apache users in fileutils.py.
- Version 4.4.3-1
* Ensure installation of make for building.
* Use versioned Python during packaging.
- Version 4.4.2-1
* unify user notification code on java side
- Version 4.4.1-1
* Do not allow creating path if nonexistent user or group in fileutils.
- Version 4.3.5-1
* Fix reposync issue about 'rpm.hdr' object has no attribute 'get'
uyuni-proxy-systemd-services:
- Version 5.0.1-1
* Bump version to 5.0.0
- Version 4.4.2-1
* Fix script for allowing using container images from different registry paths
* Allow using container images from different registry paths
- Version 4.4.1-1
* Expose /etc/sysconfig/proxy variables to container services (bsc#1202945)
- Version 4.3.6-1
* Expose port 80 (bsc#1200142)
* Use volumes rather than bind mounts
* TFTPD to listen on udp port (bsc#1200968)
* Add TAG variable in configuration
- Version 4.3.5-1
* Fix containers namespaces in configuration
- Version 4.3.4-1
* Rename container_images_path specfile macro to less generic one
- Version 4.3.3-1
* Default to SUSE Manager images only when installed from SUSE Manager
Patchnames
SUSE-2024-196,SUSE-SLE-Manager-Tools-15-BETA-2024-196,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-196
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security Beta update for SUSE Manager Client Tools and Salt", title: "Title of the patch", }, { category: "description", text: "This update fixes the following issues:\n\nansible:\n\n- Update to version 2.9.27 (jsc#SLE-23631) (jsc#SLE-24133)\n * bsc#1187725 CVE-2021-3620 ansible-connection module discloses sensitive\n info in traceback error message (in 2.9.27)\n * bsc#1188061 CVE-2021-3583 Template Injection through yaml multi-line\n strings with ansible facts used in template. (in 2.9.23)\n * bsc#1176460 gh#ansible/ansible#72094 ansible module nmcli is broken in\n ansible 2.9.13 (in 2.9.15)\n- Update to 2.9.22:\n * CVE-2021-3447 (bsc#1183684) multiple modules expose secured values \n * CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option\n * CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values\n * CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values\n * CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module\n\ndracut-saltboot:\n\n- Update to version 0.1.1681904360.84ef141 \n * Load network configuration even when missing protocol version\n (bsc#1210640)\n- Update to verion 0.1.1674034019.a93ff61\n * Install copied wicked config as client.xml (bsc#1205599)\n- Update to version 0.1.1673279145.e7616bd\n * Add failsafe stop file when salt-minion does not stop (bsc#1172110)\n * Copy existing wicked config instead of generating new (bsc#1205599)\n- Update to version 0.1.1665997480.587fa10\n * Add dependencies on xz and gzip to support compressed images\n- Update to version 0.1.1661440542.6cbe0da\n * Use standard susemanager.conf\n * Move image services to dracut-saltboot package\n * Use salt bundle\n- Require e2fsprogs (bsc#1202614)\n- Update to version 0.1.1657643023.0d694ce\n * Update dracut-saltboot dependencies (bsc#1200970)\n * Fix network loading when ipappend is used in pxe config\n * Add new information messages\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Remove license file from %doc\n- Exclude s390 arch \n- Adapted to build on Enterprise Linux.\n- Fix build for RedHat 7\n- Require Go >= 1.14 also for CentOS\n- Add support for CentOS\n- Replace %{?systemd_requires} with %{?systemd_ordering}\n\ngolang-github-boynux-squid_exporter:\n\n- Exclude s390 architecture (gh#SUSE/spacewalk#19050)\n- Enhanced to build on Enterprise Linux 8.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Exclude debug for RHEL >= 8\n- Build with Go >= 1.20 when the OS is not RHEL\n- Spec file clean up\n- Fix apparmor profile for SLE 12\n- Do not build with apparmor profile for SLE 12\n- Upgrade to version 1.0.0 (jsc#PED-5405)\n * Improved flag parsing\n * Added support for custom headers\n- Build with Go 1.19\n- Build using promu\n- Add _service file\n- Fix sandboxing options\n- Upgrade to version 0.13.4\n * Fix denial of service vulnerability\n (CVE-2022-32149, bsc#1204501)\n- Upgrade to version 0.13.3\n * Fix uncontrolled resource consumption\n (CVE-2022-41723, bsc#1208270)\n- Upgrade to version 0.13.1\n * Fix panic caused by missing flagConfig options\n- Upgrade to version 0.13.0\n * Fix authentication bypass vulnarability\n (CVE-2022-46146, bsc#1208046)\n- Corrected comment in AppArmor profile\n- Added AppArmor profile\n- Added sandboxing options to systemd service unit\n- Exclude s390 architecture (gh#SUSE/spacewalk#19050)\n- Update to upstream release 0.11.0 (jsc#SLE-24791)\n * Add TLS support\n * Switch to logger, please check --log.level and --log.format\n flags\n- Update to version 0.10.1\n * Bugfix: Reset ProxyBalancer metrics on each scrape to\n remove stale data\n- Update to version 0.10.0\n * Add Apache Proxy and other metrics\n- Update to version 0.8.0\n * Change commandline flags\n * Add metrics: Apache version, request duration total\n- Adapted to build on Enterprise Linux 8\n- Require building with Go 1.15\n- Add support for RedHat 8\n + Adjust dependencies on spec file \n + Disable dwarf compression in go build\n- Add support for Red Hat\n- Add %license macro for LICENSE file \n\ngolang-github-prometheus-prometheus:\n\n- Update to 2.45.0 (jsc#PED-5406):\n * [FEATURE] API: New limit parameter to limit the number of items\n returned by `/api/v1/status/tsdb` endpoint. \n * [FEATURE] Config: Add limits to global config. \n * [FEATURE] Consul SD: Added support for `path_prefix`. \n * [FEATURE] Native histograms: Add option to scrape both classic\n and native histograms. \n * [FEATURE] Native histograms: Added support for two more\n arithmetic operators `avg_over_time` and `sum_over_time`.\n * [FEATURE] Promtool: When providing the block id, only one block\n will be loaded and analyzed. \n * [FEATURE] Remote-write: New Azure ad configuration to support\n remote writing directly to Azure Monitor workspace. \n * [FEATURE] TSDB: Samples per chunk are now configurable with\n flag `storage.tsdb.samples-per-chunk`. By default set to its\n former value 120. \n * [ENHANCEMENT] Native histograms: bucket size can now be limited\n to avoid scrape fails. \n * [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL\n sooner. \n * [BUGFIX] Native histograms: ChunkSeries iterator now checks if\n a new sample can be appended to the open chunk. \n * [BUGFIX] Native histograms: Fix Histogram Appender\n `Appendable()` segfault. \n * [BUGFIX] Native histograms: Fix setting reset header to gauge\n histograms in seriesToChunkEncoder. \n * [BUGFIX] TSDB: Tombstone intervals are not modified after Get()\n call. \n * [BUGFIX] TSDB: Use path/filepath to set the WAL directory.\n- Update to 2.44.0:\n * [FEATURE] Remote-read: Handle native histograms. \n * [FEATURE] Promtool: Health and readiness check of prometheus\n server in CLI. \n * [FEATURE] PromQL: Add `query_samples_total` metric, the total\n number of samples loaded by all queries.\n * [ENHANCEMENT] Storage: Optimise buffer used to iterate through\n samples.\n * [ENHANCEMENT] Scrape: Reduce memory allocations on target\n labels.\n * [ENHANCEMENT] PromQL: Use faster heap method for `topk()` /\n `bottomk()`.\n * [ENHANCEMENT] Rules API: Allow filtering by rule name.\n * [ENHANCEMENT] Native Histograms: Various fixes and\n improvements.\n * [ENHANCEMENT] UI: Search of scraping pools is now\n case-insensitive.\n * [ENHANCEMENT] TSDB: Add an affirmative log message for\n successful WAL repair.\n * [BUGFIX] TSDB: Block compaction failed when shutting down.\n * [BUGFIX] TSDB: Out-of-order chunks could be ignored if the\n write-behind log was deleted.\n- Update to 2.43.1\n * [BUGFIX] Labels: Set() after Del() would be ignored, which\n broke some relabeling rules.\n- Update to 2.43.0:\n * [FEATURE] Promtool: Add HTTP client configuration to query\n commands.\n * [FEATURE] Scrape: Add `include_scrape_configs` to include\n scrape configs from different files.\n * [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from\n proxied requests.\n * [FEATURE] HTTP client: Add `proxy_from_enviroment` to read\n proxies from env variables.\n * [ENHANCEMENT] API: Add support for setting lookback delta per\n query via the API.\n * [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499\n if a request is canceled.\n * [ENHANCEMENT] Scrape: Allow exemplars for all metric types.\n * [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders\n size.\n * [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot\n with index that is ahead of WAL.\n * [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to\n be more comprehensible.\n * [ENHANCEMENT] UI: Scope `group by` labels to metric in\n autocompletion.\n * [BUGFIX] Scrape: Fix\n `prometheus_target_scrape_pool_target_limit` metric not set\n before reloading.\n * [BUGFIX] TSDB: Correctly update\n `prometheus_tsdb_head_chunks_removed_total` and\n `prometheus_tsdb_head_chunks` metrics when reading WAL.\n * [BUGFIX] TSDB: Use the correct unit (seconds) when recording\n out-of-order append deltas in the\n `prometheus_tsdb_sample_ooo_delta` metric.\n- Update to 2.42.0:\n This release comes with a bunch of feature coverage for native\n histograms and breaking changes.\n If you are trying native histograms already, we recommend you\n remove the `wal` directory when upgrading.\n Because the old WAL record for native histograms is not\n backward compatible in v2.42.0, this will lead to some data\n loss for the latest data.\n Additionally, if you scrape 'float histograms' or use recording\n rules on native histograms in v2.42.0 (which writes float\n histograms), it is a one-way street since older versions do not\n support float histograms.\n * [CHANGE] **breaking** TSDB: Changed WAL record format for the\n experimental native histograms.\n * [FEATURE] Add 'keep_firing_for' field to alerting rules.\n * [FEATURE] Promtool: Add support of selecting timeseries for\n TSDB dump.\n * [ENHANCEMENT] Agent: Native histogram support.\n * [ENHANCEMENT] Rules: Support native histograms in recording\n rules.\n * [ENHANCEMENT] SD: Add container ID as a meta label for pod\n targets for Kubernetes.\n * [ENHANCEMENT] SD: Add VM size label to azure service\n discovery.\n * [ENHANCEMENT] Support native histograms in federation.\n * [ENHANCEMENT] TSDB: Add gauge histogram support.\n * [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that\n represents buckets as float64 values.\n * [ENHANCEMENT] UI: Show individual scrape pools on /targets\n page.\n- Update to 2.41.0:\n * [FEATURE] Relabeling: Add keepequal and dropequal relabel\n actions.\n * [FEATURE] Add support for HTTP proxy headers. \n * [ENHANCEMENT] Reload private certificates when changed on disk.\n * [ENHANCEMENT] Add max_version to specify maximum TLS version in\n tls_config.\n * [ENHANCEMENT] Add goos and goarch labels to\n prometheus_build_info.\n * [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs.\n * [ENHANCEMENT] SD: Add new metric\n prometheus_sd_file_watcher_errors_total.\n * [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling.\n * [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in\n iterators.\n * [ENHANCEMENT] TSDB: Optimize postings offset table reading.\n * [BUGFIX] Scrape: Validate the metric name, label names, and\n label values after relabeling.\n * [BUGFIX] Remote Write receiver and rule manager: Fix error\n handling.\n- Update to 2.40.7:\n * [BUGFIX] TSDB: Fix queries involving negative buckets of native\n histograms.\n- Update to 2.40.5:\n * [BUGFIX] TSDB: Fix queries involving native histograms due to\n improper reset of iterators.\n- Update to 2.40.3:\n * [BUGFIX] TSDB: Fix compaction after a deletion is called.\n- Update to 2.40.2:\n * [BUGFIX] UI: Fix black-on-black metric name color in dark mode.\n- Update to 2.40.1:\n * [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit\n architecture.\n * [BUGFIX] Scrape: Fix accept headers.\n- Update to 2.40.0:\n * [FEATURE] Add experimental support for native histograms.\n Enable with the flag --enable-feature=native-histograms.\n * [FEATURE] SD: Add service discovery for OVHcloud.\n * [ENHANCEMENT] Kubernetes SD: Use protobuf encoding.\n * [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved\n sorting speed.\n * [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds\n __meta_consul_partition label. Adds partition config in\n consul_sd_config.\n * [BUGFIX] API: Fix API error codes for /api/v1/labels and\n /api/v1/series.\n- Update to 2.39.1:\n * [BUGFIX] Rules: Fix notifier relabel changing the labels on\n active alerts.\n- Update to 2.39.0:\n * [FEATURE] experimental TSDB: Add support for ingesting\n out-of-order samples. This is configured via\n out_of_order_time_window field in the config file; check config\n file docs for more info.\n * [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also\n respond to a HEAD request on top of existing GET support.\n * [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label.\n * [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label.\n * [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region\n label.\n * [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory.\n * [ENHANCEMENT] TSDB: Improve WAL replay timings.\n * [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary\n data in the memory.\n * [ENHANCEMENT] TSDB: Allow overlapping blocks by default.\n --storage.tsdb.allow-overlapping-blocks now has no effect.\n * [ENHANCEMENT] UI: Click to copy label-value pair from query\n result to clipboard.\n * [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a\n memory leak.\n * [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus\n startup.\n * [BUGFIX] PromQL: Properly close file descriptor when logging\n unfinished queries.\n * [BUGFIX] Agent: Fix validation of flag options and prevent WAL\n from growing more than desired.\n- Update to 2.38.0:\n * [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint\n that allows pretty-formatting PromQL expressions.\n * [FEATURE]: UI: Add support for formatting PromQL expressions in\n the UI.\n * [FEATURE]: DNS SD: Support MX records for discovering targets.\n * [FEATURE]: Templates: Add toTime() template function that\n allows converting sample timestamps to Go time.Time values.\n * [ENHANCEMENT]: Kubernetes SD: Add\n __meta_kubernetes_service_port_number meta label indicating the\n service port number.\n __meta_kubernetes_pod_container_image meta label indicating the\n container image.\n * [ENHANCEMENT]: PromQL: When a query panics, also log the query\n itself alongside the panic message.\n * [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve\n the contrast ratio.\n * [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding\n locks and using atomic types instead.\n * [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature\n flag, which omits or removes any default HTTP (:80) or HTTPS\n (:443) ports in the target's scrape address.\n * [BUGFIX]: TSDB: In the WAL watcher metrics, expose the\n type='exemplar' label instead of type='unknown' for exemplar\n records.\n * [BUGFIX]: TSDB: Fix race condition around allocating series IDs\n during chunk snapshot loading.\n- Remove npm_licenses.tar.bz2 during 'make clean'\n- Remove web-ui archives during 'make clean'.\n- Require promu >= 0.14.0 for building\n- Drop:\n- Upgrade to version 2.37.6\n * Require Go 1.19\n- Upgrade to version 2.37.5\n * [SECURITY] Security upgrade from go and upstream dependencies\n that include security fixes to the net/http and os packages.\n- Upgrade to version 2.37.4\n * [SECURITY] Fix basic authentication bypass vulnerability\n (CVE-2022-46146, bsc#1208049, jsc#PED-3576).\n- Upgrade to version 2.37.3\n * [BUGFIX] Update our regexp library to fix upstream\n CVE-2022-41715.\n- Upgrade to version 2.37.2\n- Upgrade to version 2.37.1\n * [BUGFIX] Properly close file descriptor when logging unfinished\n queries.\n * [BUGFIX] TSDB: In the WAL watcher metrics, expose the\n- Upgrade to version 2.37.0\n * [FEATURE] Nomad SD: New service discovery for Nomad built-in\n service discovery.\n * [ENHANCEMENT] Kubernetes SD: Allow attaching node labels for\n endpoint role.\n * [ENHANCEMENT] PromQL: Optimise creation of signature\n with/without labels.\n * [ENHANCEMENT] TSDB: Memory optimizations.\n * [ENHANCEMENT] TSDB: Reduce sleep time when reading WAL.\n * [ENHANCEMENT] OAuth2: Add appropriate timeouts and User-Agent\n header.\n * [BUGFIX] Alerting: Fix Alertmanager targets not being updated\n when alerts were queued.\n * [BUGFIX] Hetzner SD: Make authentication files relative to\n Prometheus config file.\n * [BUGFIX] Promtool: Fix promtool check config not erroring\n properly on failures.\n * [BUGFIX] Scrape: Keep relabeled scrape interval and timeout on\n reloads.\n * [BUGFIX] TSDB: Don't increment\n prometheus_tsdb_compactions_failed_total when context is\n canceled.\n * [BUGFIX] TSDB: Fix panic if series is not found when deleting\n series.\n * [BUGFIX] TSDB: Increase\n prometheus_tsdb_mmap_chunk_corruptions_total on out of sequence\n errors.\n * [BUGFIX] Uyuni SD: Make authentication files relative to\n Prometheus configuration file and fix default configuration\n values.\n- Upgrade to version 2.36.2\n * [BUGFIX] Fix serving of static assets like fonts and favicon.\n- Upgrade to version 2.36.1\n * [BUGFIX] promtool: Add --lint-fatal option.\n- Upgrade to version 2.36.0\n * [FEATURE] Add lowercase and uppercase relabel action.\n * [FEATURE] SD: Add IONOS Cloud integration.\n * [FEATURE] SD: Add Vultr integration.\n * [FEATURE] SD: Add Linode SD failure count metric.\n * [FEATURE] Add prometheus_ready metric.\n * [ENHANCEMENT] Add stripDomain to template function.\n * [ENHANCEMENT] UI: Enable active search through dropped targets.\n * [ENHANCEMENT] promtool: support matchers when querying label\n * [ENHANCEMENT] Add agent mode identifier.\n * [BUGFIX] Changing TotalQueryableSamples from int to int64.\n * [BUGFIX] tsdb/agent: Ignore duplicate exemplars.\n * [BUGFIX] TSDB: Fix chunk overflow appending samples at a\n variable rate.\n * [BUGFIX] Stop rule manager before TSDB is stopped.\n- Upgrade to version 2.35.0\n * [CHANGE] TSDB: Delete *.tmp WAL files when Prometheus starts.\n * [CHANGE] promtool: Add new flag --lint (enabled by default) for\n the commands check rules and check config, resulting in a new\n exit code (3) for linter errors.\n * [FEATURE] Support for automatically setting the variable\n GOMAXPROCS to the container CPU limit. Enable with the flag\n --enable-feature=auto-gomaxprocs.\n * [FEATURE] PromQL: Extend statistics with total and peak number\n of samples in a query. Additionally, per-step statistics are\n available with --enable-feature=promql-per-step-stats and using\n stats=all in the query API. Enable with the flag\n --enable-feature=per-step-stats.\n * [ENHANCEMENT] TSDB: more efficient sorting of postings read from\n WAL at startup.\n * [ENHANCEMENT] Azure SD: Add metric to track Azure SD failures.\n * [ENHANCEMENT] Azure SD: Add an optional resource_group\n configuration.\n * [ENHANCEMENT] Kubernetes SD: Support discovery.k8s.io/v1\n EndpointSlice (previously only discovery.k8s.io/v1beta1\n EndpointSlice was supported).\n * [ENHANCEMENT] Kubernetes SD: Allow attaching node metadata to\n discovered pods.\n * [ENHANCEMENT] OAuth2: Support for using a proxy URL to fetch\n OAuth2 tokens.\n * [ENHANCEMENT] Configuration: Add the ability to disable HTTP2.\n * [ENHANCEMENT] Config: Support overriding minimum TLS version.\n * [BUGFIX] Kubernetes SD: Explicitly include gcp auth from k8s.io.\n * [BUGFIX] Fix OpenMetrics parser to sort uppercase labels\n correctly.\n * [BUGFIX] UI: Fix scrape interval and duration tooltip not\n showing on target page.\n * [BUGFIX] Tracing/GRPC: Set TLS credentials only when insecure is\n false.\n * [BUGFIX] Agent: Fix ID collision when loading a WAL with\n multiple segments.\n * [BUGFIX] Remote-write: Fix a deadlock between Batch and flushing\n the queue.\n- Upgrade to version 2.34.0\n * [CHANGE] UI: Classic UI removed.\n * [CHANGE] Tracing: Migrate from Jaeger to OpenTelemetry based\n tracing.\n * [ENHANCEMENT] TSDB: Disable the chunk write queue by default and\n allow configuration with the experimental flag\n --storage.tsdb.head-chunks-write-queue-size.\n * [ENHANCEMENT] HTTP SD: Add a failure counter.\n * [ENHANCEMENT] Azure SD: Set Prometheus User-Agent on requests.\n * [ENHANCEMENT] Uyuni SD: Reduce the number of logins to Uyuni.\n * [ENHANCEMENT] Scrape: Log when an invalid media type is\n encountered during a scrape.\n * [ENHANCEMENT] Scrape: Accept\n application/openmetrics-text;version=1.0.0 in addition to\n version=0.0.1.\n * [ENHANCEMENT] Remote-read: Add an option to not use external\n labels as selectors for remote read.\n * [ENHANCEMENT] UI: Optimize the alerts page and add a search bar.\n * [ENHANCEMENT] UI: Improve graph colors that were hard to see.\n * [ENHANCEMENT] Config: Allow escaping of $ with $$ when using\n environment variables with external labels.\n * [BUGFIX] PromQL: Properly return an error from\n histogram_quantile when metrics have the same labelset.\n * [BUGFIX] UI: Fix bug that sets the range input to the\n resolution.\n * [BUGFIX] TSDB: Fix a query panic when\n memory-snapshot-on-shutdown is enabled.\n * [BUGFIX] Parser: Specify type in metadata parser errors.\n * [BUGFIX] Scrape: Fix label limit changes not applying.\n- Upgrade to version 2.33.5\n * [BUGFIX] Remote-write: Fix deadlock between adding to queue and\n getting batch.\n- Upgrade to version 2.33.4\n * [BUGFIX] TSDB: Fix panic when m-mapping head chunks onto the\n disk.\n- Upgrade to version 2.33.3\n * [BUGFIX] Azure SD: Fix a regression when public IP Address isn't\n set.\n- Upgrade to version 2.33.2\n * [BUGFIX] Azure SD: Fix panic when public IP Address isn't set.\n * [BUGFIX] Remote-write: Fix deadlock when stopping a shard.\n- Upgrade to version 2.33.1\n * [BUGFIX] SD: Fix no such file or directory in K8s SD when not\n running inside K8s.\n- Upgrade to version 2.33.0\n * [CHANGE] PromQL: Promote negative offset and @ modifer to stable\n features.\n * [CHANGE] Web: Promote remote-write-receiver to stable.\n * [FEATURE] Config: Add stripPort template function.\n * [FEATURE] Promtool: Add cardinality analysis to check metrics,\n enabled by flag --extended.\n * [FEATURE] SD: Enable target discovery in own K8s namespace.\n * [FEATURE] SD: Add provider ID label in K8s SD.\n * [FEATURE] Web: Add limit field to the rules API.\n * [ENHANCEMENT] Remote-write: Avoid allocations by buffering\n concrete structs instead of interfaces.\n * [ENHANCEMENT] Remote-write: Log time series details for\n out-of-order samples in remote write receiver.\n * [ENHANCEMENT] Remote-write: Shard up more when backlogged.\n * [ENHANCEMENT] TSDB: Use simpler map key to improve exemplar\n ingest performance.\n * [ENHANCEMENT] TSDB: Avoid allocations when popping from the\n intersected postings heap.\n * [ENHANCEMENT] TSDB: Make chunk writing non-blocking, avoiding\n latency spikes in remote-write.\n * [ENHANCEMENT] TSDB: Improve label matching performance.\n * [ENHANCEMENT] UI: Optimize the service discovery page and add a search bar.\n * [ENHANCEMENT] UI: Optimize the target page and add a search bar.\n * [BUGFIX] Promtool: Make exit codes more consistent.\n * [BUGFIX] Promtool: Fix flakiness of rule testing.\n * [BUGFIX] Remote-write: Update\n prometheus_remote_storage_queue_highest_sent_timestamp_seconds\n metric when write irrecoverably fails.\n * [BUGFIX] Storage: Avoid panic in BufferedSeriesIterator.\n * [BUGFIX] TSDB: CompactBlockMetas should produce correct\n mint/maxt for overlapping blocks.\n * [BUGFIX] TSDB: Fix logging of exemplar storage size.\n * [BUGFIX] UI: Fix overlapping click targets for the alert state\n checkboxes.\n * [BUGFIX] UI: Fix Unhealthy filter on target page to actually\n display only Unhealthy targets.\n * [BUGFIX] UI: Fix autocompletion when expression is empty.\n * [BUGFIX] TSDB: Fix deadlock from simultaneous GC and write.\n- Fix authentication bypass by updating Prometheus Exporter Toolkit\n to version 0.7.3 (CVE-2022-46146, bsc#1208049)\n- Fix uncontrolled resource consumption by updating Go to version\n 1.20.1 (CVE-2022-41723, bsc#1208298)\n- Restructure the spec to build web assets online\n * Makefile\n\ngrafana:\n\n- Update to version 9.5.8:\n * Features and enhancements\n GenericOAuth: Set sub as auth id\n * Bug fixes:\n DataSourceProxy: Fix url validation error handling\n- Update to version 9.5.7:\n Alerting: Sort NumberCaptureValues in EvaluationString\n Alerting: Improve performance of matching captures\n Alerting: No longer silence paused alerts during legacy\n migration\n Alerting: Remove and revert flag alertingBigTransactions\n Alerting: Migrate unknown NoData\\Error settings to the default\n Tracing: supply Grafana build version\n Tempo: Escape regex-sensitive characters in span name before\n building promql query\n Plugins: Only configure plugin proxy transport once\n Alerting: Fix unique violation when updating rule group with\n title chains/cycles\n Prometheus: Version detect bug\n Prometheus: Fix heatmap format with no data\n Database: Change getExistingDashboardByTitleAndFolder to get\n dashboard by title, not slug \n Alerting: Convert 'Both' type Prometheus queries to 'Range' in\n SQLStore: Fix Postgres dialect treating 'false' migrator\n default as true\n Alerting: Support newer http_config struct\n InfluxDB: Interpolate retention policies\n StatusHistory: Fix rendering of value-mapped null\n Alerting: Fix provenance guard checks for Alertmanager\n configuration to not cause panic when compared nested\n objects\n AnonymousAuth: Fix concurrent read-write crash\n AzureMonitor: Ensure legacy properties containing template\n variables are correctly migrated\n Explore: Remove data source onboarding page\n Dashboard: Re-align Save form\n Azure Monitor: Fix bug that did not show alert rule preview\n Histogram: Respect min/max panel settings for x-axis\n Heatmap: Fix color rendering for value ranges < 1\n Heatmap: Handle unsorted timestamps in calculate mode\n Google Cloud Monitor: Fix mem usage for dropdown\n AzureMonitor: Fix logs query multi-resource and timespan values\n Utils: Reimplement util.GetRandomString to avoid modulo bias\n Alerting: Fix matching labels with spaces in their values\n Dashboard: Fix applying timezone to datetime variables\n Dashboard: Fix panel description event triggering every time\n panel is rendered\n Tempo: Fix get label values based on CoreApp type\n Heatmap: Fix log scale editor\n Dashboard: Fix disappearing panel when viewed panel is\n refreshed\n Prometheus: Fix bug in creating autocomplete queries with\n labels\n Prometheus: Fix Query Inspector expression range value\n Alerting: Fix migration failing if alert_configuration table is\n not empty\n InfluxDB: Fix querying retention policies on flux mode\n- Update to version 9.5.6:\n * Bug fixes\n Dashboard: Fix library panels in collapsed rows not getting\n updated\n Auth: Add and document option for enabling email lookup\n- Update to version 9.5.5:\n Security: Fix authentication bypass using Azure AD OAuth\n (bsc#1212641, CVE-2023-3128, jsc#PED-3694).\n Auth: Show invite button if disable login form is set to false.\n Azure: Fix Kusto auto-completion for Azure datasources.\n RBAC: Remove legacy AC editor and admin role on new dashboard\n route.\n API: Revert allowing editors to access GET /datasources. \n Settings: Add ability to override skip_org_role_sync with Env\n variables.\n- Update to version 9.5.3:\n Query: Prevent crash while executing concurrent mixed queries\n (bsc#1212099, CVE-2023-2801).\n Alerting: Require alert.notifications:write permissions to test\n receivers and templates (bsc#1212100, CVE-2023-2183).\n- Update to version 9.5.2:\n Alerting: Scheduler use rule fingerprint instead of version.\n Explore: Update table min height.\n DataLinks: Encoded URL fixed.\n TimeSeries: Fix leading null-fill for missing intervals.\n Dashboard: Revert fixed header shown on mobile devices in the\n new panel header.\n PostgreSQL: Fix TLS certificate issue by downgrading lib/pq.\n Provisioning: Fix provisioning issues with legacy alerting and\n data source permissions.\n Alerting: Fix misleading status code in provisioning API.\n Loki: Fix log samples using `instant` queries.\n Panel Header: Implement new Panel Header on Angular Panels.\n Azure Monitor: Fix bug that was not showing resources for\n certain locations.\n Alerting: Fix panic when reparenting receivers to groups\n following an attempted rename via Provisioning.\n Cloudwatch Logs: Clarify Cloudwatch Logs Limits.\n- Update to 9.5.1\n Loki Variable Query Editor: Fix bug when the query is updated\n Expressions: Fix expression load with legacy UID -100\n- Update to 9.5.0 (CVE-2023-1387, bsc#1210907, jsc#PED-3694)\n * Breaking changes\n - default named retention policies won't be used to query.\n Users who have a default named retention policy in their\n influxdb database, have to rename it to something else.\n Having default named retention policy is not breaking\n anything. We will make sure to use the actual default\n retention policy under the hood. To change the hardcoded\n retention policy in the dashboard.json, users must they\n select the right retention policy from dropdown and save the\n panel/dashboard.\n - Grafana Alerting rules with NoDataState configuration set to\n Alerting will now respect 'For' duration.\n - Users who use LDAP role sync to only sync Viewer, Editor and\n Admin roles, but grant Grafana Server Admin role manually\n will not be able to do that anymore. After this change, LDAP\n role sync will override any manual changes to Grafana Server\n Admin role assignments. If grafana_admin is left unset in\n LDAP role mapping configuration, it will default to false.\n API keys: Add deprecation to api keys.\n API: Enable serving Swagger UI by default and add docs and\n guidelines.\n API: Permit Cache-Control (browser caching) for datasource\n resources.\n Accessibility: Make row actions keyboard accessible.\n Admin/Plugins: Set category filter in connections link.\n Alerting: Add CustomDetails field in PagerDuty contact point.\n Alerting: Add dashboard and panel links to rule and instance\n annotations.\n Alerting: Add filter and remove funcs for custom labels and\n Alerting: Add fuzzy search to alert list view.\n Alerting: Add metrics for active receiver and integrations.\n Alerting: Better printing of labels.\n Alerting: Create new state history 'fanout' backend that\n dispatches to multiple other backends at once.\n Alerting: Enable preview for recording rules.\n Alerting: Fetch all applied alerting configurations.\n Alerting: Introduce proper feature toggles for common state\n history backend combinations.\n Alerting: Make time range query parameters not required when\n querying Loki.\n Alerting: New notification policies view.\n Alerting: No longer index state history log streams by\n instance labels.\n Alerting: Respect 'For' Duration for NoData alerts.\n Alerting: Support filtering rules by multiple datasources.\n Alerting: Switch to snappy-compressed-protobuf for outgoing\n push requests to Loki.\n Angular: Prevent angular from loading when disabled.\n Auth: Add Generic oauth skip org role sync setting.\n Auth: Add feature flag to move token rotation to client.\n Auth: Show user sync external Authentication status.\n Backend: Use sdk version 0.148.0.\n Chore: Add stat for remote cache config.\n Chore: Replace short UID generation with more standard UUIDs.\n Chore: Use DOMPurify to sanitize strings rather than js-xss.\n CloudMonitoring: Add possibility to use path for private key.\n CloudWatch Logs: Update default timeout to 30m.\n CloudWatch: Add AWS/IotSiteWise namespace and metrics.\n CloudWatch: Add account support to variable queries.\n CloudWatch: Make deeplinks work for us-gov and china regions.\n Cloudwatch: Add MeteredIOBytes metric for EFS.\n Command Palette: Display dashboard location.\n Command palette: Enable folder searching.\n Connections: Turn on feature toggle by default.\n Cookies: Provide a mechanism for per user control over cookies.\n Dashboard Datasource: Update Query List & Improve UX.\n Dashboard: Add a feature that creates a table panel when a\n spreadsheet file is dropped on the dashboard.\n Dashboard: Add new visualization/row/library panel/pasted\n panel is now a dropdown menu.\n Dashboard: Add value format for requests per minute.\n Dashboard: Empty/No Panels dashboard with a new design.\n Dashboard: When dashboard is not found show message instead\n of empty page.\n Dashboards: Enable feature flag newPanelChromeUI by default.\n Dataplane: Support timeSeriesLong without transform.\n Datasources: Add user_agent header customization for outgoing\n HTTP requests.\n Datasources: Use getDefaultQuery in annotations editors.\n Docs: Add documentation on how to debug backend plugins.\n Docs: Deprecate dashboard previews.\n Elasticsearch: Detect Elasticsearch version.\n Elasticsearch: Run Explore queries trough data source backend.\n Explore: Add range option to internal data links.\n Explore: Add transformations to correlation data links.\n Explore: Support mixed data sources for supplementary query.\n Extensions: Expose an enum for available placements.\n Feat: Changing link destination for get more plugins.\n Feat: Linking to plugin details page rather than externally\n for new datasources.\n FieldMatchers: Add match by value (reducer).\n Flame graph: Add context menu.\n Flame graph: Add metadata above flame graph.\n Geomap: Improve tooltip url for photos layer.\n Geomap: Release night / day layer.\n InfluxDB: Move database information into jsondata.\n Jaeger and Zipkin: Config & docs upgrade.\n LDAP: Allow setting minimum TLS version and accepted ciphers.\n Live: Remove (alpha) ability to configure live pipelines.\n Logger: Add feature toggle for errors in HTTP request logs.\n Login: Allow custom name and icon for social providers.\n Logs Panel: Refactor style generation to improve rendering\n performance.\n Logs: Add millisecond to timestamp in log line.\n Logs: Rename dedup to deduplicate.\n Loki Query Editor: Make Monaco the default editor.\n Loki: Add unpack query builder hint.\n Loki: Add descriptions to query builder operations.\n Loki: Add placeholder to the loki query editor.\n Loki: Always fetch for new label keys in the QueryBuilder.\n Loki: Display error with label filter conflicts.\n Loki: Improve the display of loki query stats.\n MSSQL/Postgres: List views in table dropdown as well.\n MSSQL: Update forked go-mssqldb dependency.\n Metrics: Update comment to mention folders instead of\n dashboards.\n Navigation: Enable new navigation by default.\n NodeGraph: Support icons for nodes.\n Notifications: Enable display of trace ID by default.\n Packaging: Start Grafana service after InfluxDB.\n Panel Header: Add CancelQuery option to panel header.\n Panel: Show multiple errors info in the inspector.\n PanelChrome: Add option to show actions on the right side\n (actions = leftItems).\n Phlare: Allow variables in labelSelector (in query).\n Plugin: Skip preloading disabled app plugins.\n Plugins: Add optional logger for plugin requests sent to backend\n plugins.\n Plugins: Extend panel menu with commands from plugins.\n Plugins: Extend panel menu with links from plugins.\n Plugins: Improve instrumentation by adding metrics and tracing.\n Plugins: Support for distributed tracing in backend plugins SDK.\n Plugins: Support for link extensions.\n Profiling: Enable flame graph & Phlare/Parca data sources for\n all users.\n Prometheus Datasource: Improve Prom query variable editor.\n Prometheus Metrics: Add missing stat_total_teams metric.\n Prometheus/Loki: Run query explicitly instead of onblur in panel\n edit.\n Prometheus: Browser resource caching.\n Prometheus: Improve prometheus query variable editor.\n Prometheus: Use $__rate_interval for rate queries generated by\n metric browser.\n Pubdash: Email sharing handle dashboard deleted.\n PublicDashboards: Backfills share column with default value.\n PublicDashboards: Configuration modal redesign.\n PublicDashboards: Email sharing.\n PublicDashboards: Enable creation when dashboard has template\n variables.\n PublicDashboards: Paused or deleted public dashboard screen.\n QueryHistory: Improve handling of mixed datasource entries.\n Rendering: Experimental support to use JWTs as auth method.\n SQL Datasources: Add back help content.\n Schema: Remove exclusion for timeseries and update imports.\n Search: Improvements for starred dashboard search.\n Select: Show icon in the grafana/ui Select component.\n Service accounts: Creation logic simplification.\n Service accounts: Remove Add API keys buttons and remove one\n state of migrating for API keys tab.\n SplitOpen: Update API to accept multiple queries.\n Stat Panel: Add an option for a non-gradient/solid background.\n Stat: Add ability to remove default single-color background\n gradient.\n SupportBundles: Add OAuth bundle collectors.\n Table Panel: Add ability to use text color for value or hide\n value in gauge cell.\n Table: Introduce sparkline cell type.\n Tempo: Config and doc updates.\n Tempo: Update service graph view and docs.\n TraceView: Add key and url escaping of json tag values.\n TraceView: Reworked header.\n Tracing: Add more detail to HTTP Outgoing Request.\n Tracing: Docs and config improvements for Tempo/Jaeger/Zipkin.\n Tracing: Support multiple OTel propagators.\n Transformations: Support time format when converting time to\n strings.\n Transformers: Support adding the row index using calculate\n field transformer.\n Units: Format currency with negative before the symbol.\n API: Fix 'Updated by' Column in dashboard versions table.\n AccessControl: Allow editors to access GET /api/datasources.\n Alerting: Add 'backend' label to state history writes metrics.\n Alerting: Add alert instance labels to Loki log lines in\n addition to stream labels.\n Alerting: Elide requests to Loki if nothing should be recorded.\n Alerting: Fix DatasourceUID and RefID missing for\n DatasourceNoData alerts.\n Alerting: Fix ambiguous handling of equals in labels when\n bucketing Loki state history streams.\n Alerting: Fix attachment of external labels to Loki state\n history log streams.\n Alerting: Fix creating a recording rule when having multiple\n datasources.\n Alerting: Fix explore link in alert detail view.\n Alerting: Fix share URL for Prometheus rules on subpath.\n Alerting: Fix stats that display alert count when using unified\n alerting.\n Alerting: Hide mute timing actions when dealing with vanilla\n prometheus.\n Alerting: Paginate result previews.\n Alerting: Prometheus-compatible Alertmanager timings editor.\n Alerting: Update scheduler to get updates only from database.\n Alerting: Use a completely isolated context for state history\n writes.\n Alerting: Use displayNameFromDS if available in preview.\n Annotation List: Fix panel not updating when variable is\n changed.\n Annotations: Ignore unique constraint violations for tags.\n Auth: Fix orgrole picker disabled if isSynced user.\n AzureMonitor: Fix Log Analytics portal links.\n BrowseDashboards: Fix move to General folder not working.\n Catalog: Show install error with incompatible version.\n Chore: Update Grafana to use Alertmanager\n v0.25.1-0.20230308154952-78fedf89728b.\n CloudMonitoring: Add project selector for MQL editor[fix].\n CloudWatch Logs: Fix running logs queries with expressions.\n CloudWatch Logs: Fix to make log queries use a relative time if\n available.\n CloudWatch Logs: Revert 'Queries in an expression should run\n synchronously'.\n CloudWatch: Fix cachedQueries insights not being updated for\n metric queries.\n Cloudwatch: Pass refId from query for expression queries.\n Dashboards: Evaluate provisioned dashboard titles in a\n backwards compatible way.\n Dashboards: Fix broken internal data links.\n Database: Don't sleep 10ms before every request.\n Elasticsearch: Fix processing of response with multiple group\n by for alerting.\n Elasticsearch: Handle multiple annotation structures.\n Email: Mark HTML comments as 'safe' in email templates.\n ErrorHandling: Fixes issues with bad error messages.\n ErrorView: Better detection of no-data responses.\n Explore: Make DataSourcePicker visible on small screens.\n Fix: DataLinks from data sources override user defined data\n link.\n Fix: Top table rendering and update docs.\n Frontend: Fix broken links in /plugins when pathname has a\n trailing slash.\n Geomap: Fix route layer zoom behavior.\n Google Cloud Monitoring: Fix project variable.\n HeatMap: Sort y buckets when all bucket names are numeric.\n InfluxDB: Fix querying with hardcoded retention policy.\n InfluxDB: Fix sending retention policy with InfluxQL queries.\n KVStore: Include database field in migration.\n LDAP: Always synchronize Server Admin role through role sync if\n role sync is enabled.\n Library panels: Ensure pagination controls are always correctly\n displayed.\n Loki: Fix autocomplete situations with multiple escaped quotes.\n MegaMenu: Fixes mega menu showing scroll indicator when it\n shouldn't.\n Navigation: Redirect to root page when switching organization.\n Navigation: Scrolled hamburger menu links now navigate correctly\n in Safari.\n NestedFolders: Fix nested folder deletion.\n New Panel Header: Fix when clicking submenu item the parent\n menu item onClick get's triggered.\n Phlare: Fix error when there are no profileTypes to send from\n backend.\n PieChart: Show long labels properly.\n PluginExtensions: Fixed issue with incorrect type being\n exposed when configuring an extension.\n Plugins: Ensure proxy route bodies are valid JSON.\n Plugins: Fix width for README pages with tables.\n Plugins: Markdown fetch retry with lowercase.\n Plugins: Skip instrumenting plugin build info for core and\n bundled plugins.\n PublicDashboards: Query collapsed panels inside rows.\n Query Splitting: Fix for handling queries with no requestId.\n SQL Datasources: Fix variable throwing error if query returns no\n data.\n SQL Datasources: Prevent Call Stack Overflows with Large\n Numbers of Values for Variable.\n SQLStore: Fix SQLite error propagation if query retries are\n disabled.\n Stat Panel: Fix issue with clipping text values.\n Table Panel: Fix panel migration for options cell type.\n Table: Fix migrations from old angular table for cell color\n modes.\n Table: Fixes issue with pagination summary causing scrollbar.\n Table: Fixes table panel gauge alignment.\n TablePanel: Fix table cells overflowing when there are\n multiple data links.\n TablePanel: fix footer bug; no footer calculated values after\n 'hidden' column override.\n Templating: Allow percent encoding of variable with custom all.\n Tempo: Set default limit if none is provided for traceql\n queries.\n TimeSeries: Don't extend stepped interpolation to graph edges.\n TimeSeries: Improve stacking direction heuristic.\n Trace View: Update the queryType to traceql for checking if\n same trace when clicking span link.\n TraceView: Don't require preferredVisualisationType to render.\n Utils: Reimplement util.GetRandomString to avoid modulo bias.\n XYChart: Add all dataset columns in tooltip.\n * Plugin development fixes & changes\n DateTimePicker: Can now select time correctly.\n Grafana UI: Fix tooltip prop of button component.\n DateTimePicker: Add min date support to calendar.\n GrafanaUI: Implement new component Toggletip.\n ContextMenu: Fix padding and show border based on items.\n- Update to 9.4.7 (2023-03-16)\n Alerting: Update scheduler to receive rule updates only from\n database.\n Influxdb: Re-introduce backend migration feature toggle.\n Security: Fixes for CVE-2023-1410.\n The InfluxDB backend migration feature toggle\n (influxdbBackendMigration) has been reintroduced in this\n version as issues were discovered with backend processing of\n InfluxDB data. Unless this feature toggle is enabled, all\n InfluxDB data will be parsed in the frontend. This frontend\n processing is the default behavior.\n In Grafana 9.4.4, InfluxDB data parsing started to be handled\n in the backend. If you have upgraded to 9.4.4 and then added\n new transformations on InfluxDB data, those panels will fail to\n render. To resolve this either:\n Remove the affected panel and re-create it or\n edit the `time` field as `Time` in `panel.json` or\n `dashboard.json`\n as the exporter toolkit has been updated by upstream\n- Install wrapper scripts under /usr/sbin\n- Install actual binaries under /usr/libexec/grafana (or /usr/lib\n under older distributions) and create a simlink for wrapper\n scripts and the service (which expect the binary to be under\n /usr/share/grafana/bin)\n- Update to 9.4.3\n Alerting: Use background context for maintenance function.\n- Update to 9.4.2\n Alerting: Fix boolean default in migration from false to 0.\n- Update to 9.4.0\n Alerting: Add endpoint for querying state history.\n Alerting: Add label query parameters to state history endpoint.\n Alerting: Add static label to all state history entries.\n Alerting: Mark AM configuration as applied.\n Azure Monitor: Enable multiple resource queries.\n Query Caching: Add per-panel query caching TTL.\n Table: Add row number column option.\n Tempo: Remove tempoApmTable feature flag.\n Transformations: Selectively apply transformation to queries.\n AccessControl: Clear user permission cache for update org user\n role.\n Alerting: Fix handling of special floating-point cases\n when writing observed values to annotations.\n Auth: Rotate token patch.\n ContextMenu: Consider y coord when determining bottom\n collision.\n Elasticsearch: Fix consistent label order in alerting.\n Explore: Fix graph not updating when changing config.\n Heatmap: Support heatmap rows with non-timeseries X axis.\n Login: Fix panic when a user is upserted by a background\n process.\n MSSQL: Add support for macro function calls.\n MySQL: Quote identifiers that include special characters.\n Navigation: Sign in button now works correctly when\n served under a sub path.\n Nested Folder: Fix for SQLite not to overwrite the parent on\n restarts.\n PanelChrome: Adds display mode to support transparent option.\n Plugins: Case-sensitive routes for standalone pages.\n Plugins: Prefer to use the data source UID when querying.\n SQLStore: Fix folder migration for MySQL < 5.7.\n Search: Fix not being able to clear sort value.\n Tempo: Fix span name being dropped from the query.\n PanelChrome: Implement hover header.\n- Update to 9.3.7\n Alerting: Validate that tags are 100 characters or less.\n Expressions: Fixes the issue showing expressions editor.\n Logs: Fix stats not being updated when log results change.\n Plugins: Fix circular reference in customOptions leading\n to MarshalJSON errors.\n Time Series Panel: Fix legend text selection in Firefox.\n- Update to 9.3.6\n QueryEditorRow: Fixes issue loading query editor when\n data source variable selected.\n- Update to 9.3.4\n Prometheus: Add default editor configuration.\n TextPanel: Refactor to functional component.\n Alerting: Fix webhook to use correct key for decrypting token.\n Alerting: Set error annotation on EvaluationError regardless of\n underlying error type.\n Datasources: Fix Proxy by UID Failing for UIDs with a Hyphen.\n Fix creating of span link with no tags.\n Elasticsearch: Fix failing requests when using SigV4.\n Elasticsearch: Fix toggle-settings are not shown correctly.\n Explore: Be sure time range key bindings are mounted after\n clear.\n Explore: Unsync time ranges when a pane is closed.\n Logs: Lines with long words do not break properly.\n Loki: Fix misaligned derived fields settings.\n Query Builder: Fix max width of input component to prevent\n overflows.\n Search: Auto focus input elements.\n Search: Fix empty folder message showing when by starred\n dashboards.\n Table Panel: Fix image of image cell overflowing table cell and\n cells ignoring text alignment setting when a data\n link is added.\n- Update to 9.3.2\n Graphite: Process multiple queries to Graphite plugin.\n API: Fix delete user failure due to quota not enabled.\n Accessibility: Improved keyboard accessibility in BarGauge.\n Accessibility: Improved keyboard accessibility in BigValue.\n Alerting: Use the QuotaTargetSrv instead of the QuotaTarget in\n quota check.\n AzureMonitor: Automate location retrieval.\n AzureMonitor: Fix bad request when setting dimensions.\n BarChart: Fix value mappings.\n Build: Streamline and sync dockerfiles.\n Build: Unified dockerfile for all builds.\n CloudWatch: Fix - make sure dimensions are propagated to alert\n query editor.\n Cloudwatch: Fix deeplink with default region.\n Command Palette: Fix not being able to type if triggered\n whilst another modal is open.\n Command Palette: Maintain page state when changing theme.\n Dashboards: Fix 'Make Editable' button not working in\n Dashboard Settings.\n Dashboards: Show error when data source is missing.\n Datasource: Fix - apply default query also to queries in new\n panels.\n Dropdown: Menu now closes correctly when selecting\n options on touch devices.\n Influx: Query segment menus now position correctly near\n the bottom of the screen.\n Login: Fix failure to login a new user via an external\n provider if quota are enabled.\n Loki/Prometheus: Fix wrong queries executed in split view.\n Loki: Fix wrongly escaped label values when using LabelFilter.\n Navigation: Prevent app crash when importing a dashboard with a\n uid of `home`.\n Panel Edit: Fix data links edit icons being off screen when\n provided title is too long.\n Prometheus: Fix exemplar fill color to match series color in\n time series.\n Prometheus: Fix exemplars not respecting corresponding series\n display status.\n StateTimeline: Fix negative infinity legend/tooltip from\n thresholds.\n Table: Fixes row border style not showing and colored\n rows blending together.\n Tempo: Fix TraceQL autocomplete issues.\n TimePicker: Prevent TimePicker overflowing viewport on small\n screens.\n TimeRangePicker: Fix recently ranges only not showing all recent\n ranges.\n TimeZonePicker: Scroll menu correctly when using keyboard\n controls.\n- Update to 9.3.1\n Connections: Update 'Your connections/Data sources' page.\n Accessibility: Increase badge constrast to be WCAG AA compliant.\n- Update to 9.3.0\n Alerting: Enable interpolation for notification policies in file\n provisioning.\n Azure Monitor Logs: Avoid warning when the response is empty.\n Azure Monitor: Add support to customized routes.\n Canvas: Add icon value mapping.\n CloudWatch: Cross-account querying support.\n Docs: Update `merge-pull-request.md` regarding backport\n policies.\n GaugePanel: Setting the neutral-point of a gauge.\n Geomap: Improve location editor.\n Internationalization: Enable internationalization by default.\n Logs: Add `Download logs` button to log log-browser.\n Loki: Add `gzip` compression to resource calls.\n Loki: Add improvements to loki label browser.\n Loki: Make label browser accessible in query builder.\n Loki: Remove raw query toggle.\n Middleware: Add CSP Report Only support.\n Navigation: Prevent viewer role accessing dashboard\n creation, import and folder creation.\n OAuth: Refactor OAuth parameters handling to support\n obtaining refresh tokens for Google OAuth.\n Oauth: Display friendly error message when\n role_attribute_strict=true and no valid role found.\n Preferences: Add confirmation modal when saving org preferences.\n PublicDashboards: Orphaned public dashboard deletion script\n added.\n Query Editor: Hide overflow for long query names.\n Solo Panel: Configurable timezone.\n TablePanel: Add support for Count calculation per column\n or per entire dataset.\n Tempo: Send the correct start time when making a TraceQL query.\n Various Panels: Remove beta label from Bar Chart, Candlestick,\n Histogram, State Timeline, & Status History\n Panels.\n Access Control: Clear user's permission cache after resource\n creation.\n Accessibility: Improve keyboard accessibility in\n `AnnoListPanel`.\n Accessibility: Improve keyboard accessibility in `Collapse`.\n `GettingStarted` panel.\n Accessibility: Improve keyboard accessibility of `FilterPill`.\n Admin: Fix broken links to image assets in email templates.\n Azure Monitor: Fix namespace selection for storageaccounts.\n Calcs: Fix difference percent in legend.\n DataLinks: Improve Data-Links AutoComplete Logic.\n Explore: Fix a11y issue with logs navigation buttons.\n Heatmap: Fix blurry text & rendering.\n Heatmap: Fix tooltip y range of top and bottom buckets in\n calculated heatmaps.\n Logs: Fix misalignment of LogRows.\n Navigation: Stop clearing search state when opening a\n result in a new tab.\n OptionsUI: SliderValueEditor does not get auto focused on\n slider change.\n PanelEdit: Fixes bug with not remembering panel options\n pane collapse/expand state.\n Quota: Fix failure in store due to missing scope parameters.\n Quota: Fix failure when checking session limits.\n StateTimeline: Prevent label text from overflowing state rects.\n Tempo: Fix search table duration unit.\n TraceView: Fix broken rendering when scrolling in Dashboard\n panel in Firefox.\n GrafanaUI: Add disabled option for menu items.\n- Update to 9.2.4\n Access Control: Add an endpoint for setting several managed\n resource permissions.\n Accessibility: Increase `Select` placeholder contrast to\n be WCAG AA compliant.\n Alerting: Append org ID to alert notification URLs.\n Alerting: Make the Grouped view the default one for Rules.\n Build: Remove unnecessary alpine package updates.\n Google Cloud Monitoring: Set frame interval to draw null values.\n Instrumentation: Expose when the binary was built as a gauge.\n Loki: Preserve `X-ID-Token` header.\n Search: Reduce requests in folder view.\n TimeSeries: More thorough detection of negative values for\n auto-stacking direction.\n Alerting: Attempt to preserve UID from migrated legacy channel.\n Alerting: Fix response is not returned for invalid Duration in\n Provisioning API.\n Alerting: Fix screenshot is not taken for stale series.\n Auth: Fix admins not seeing pending invites.\n MSSQL/Postgres: Fix visual query editor filter disappearing.\n Tempo: Fix dropdown issue on tag field focus.\n Timeseries: Fix null pointer when matching fill below to field.\n Toolkit: Fix Webpack less-loader config.\n- Update to 9.2.3\n Docs: Add information about DB version support to upgrade guide.\n Footer: Update footer release notes link to Github changelog.\n Prometheus: Do not drop errors in streaming parser.\n Prometheus: Flavor/version configuration.\n Prometheus: Provide label values match parameter API when\n supported prometheus instance is configured.\n Security: Upgrade x/text to version unaffected by\n CVE-2022-32149.\n Auth: Fix GF_AUTH_JWT_URL_LOGIN env variable doesn't work.\n Live: Explicitly reply with http 200.\n Prometheus: Fix builder operation mode changing\n multiselect to single select behaviour.\n Security: Fix vulnerabilities in webpack loader-utils.\n- Update to 9.2.2\n Alerting: Add support for wecom apiapp.\n Canvas: Improve resource picker initialization.\n Canvas: Improve text element readability.\n CloudWatch: Make sure adoption tracking is done on valid,\n migrated queries.\n Dashboard: Alerts user to incorrect tag format for JSON import.\n MSSQL: Support tables from all schemas.\n Opentsdb: Allow template variables for filter keys.\n QueryEditor: Revert components from grafana-ui.\n Browse: Fix General folder not showing in FolderPicker.\n Elasticsearch: Fix calculation of trimEdges in alert mode.\n Elasticsearch: Fix trimEdges delete logic in alert mode.\n GoogleOAuth: Unlock User Admin UI.\n LogContext: Fix wrong color of `show context` icon in light\n theme.\n Loki: Fix adding of adhoc filters to stream selector when query\n with empty stream selector.\n Loki: Fix double stringified log-lines when copied via Copy\n button.\n Loki: Fix explain section about $\\_\\_interval variable.\n Loki: Remove already selected options from next label filter\n options in builder.\n NodeGraph: Fix rendering issues when values of arc are over 1.\n PublicDashboards: Fix hidden queries execution.\n Tempo: Fix Node Graph visualization type in dashboard.\n TimeSeries: Fix stacking when first value is negative zero.\n TimeseriesPanel: Fix variables in data links.\n User: Fix externalUserId not being populated.\n We added some components a bit too early to @grafana/ui in 9.2\n so we are moving them back to @grafana/experimental. If you\n used any of these components\n AccessoryButton\n EditorFieldGroup\n EditorHeader\n EditorField\n EditorRow\n EditorList\n EditorRows\n EditorSwitch\n FlexItem\n Stack\n InlineSelect\n InputGroup\n Space\n Please use them from grafana/experimental from now on.\n- Update to 9.2.1\n Alerting: Improve notification policies created during\n migration.\n AzureAD: Add option to force fetch the groups from the\n Graph API.\n Docs: Note end of release notes publication.\n Inspect: Handle JSON tab crash when the provided object\n is too big to stringify.\n TablePanel: Footer now updates values on column filtering.\n Alerting: Fix email image embedding on Windows.\n Alerting: Fix mathexp.NoData for ConditionsCmd.\n Legacy Alerting: Fix duration calculation when testing a rule.\n Loki: Propagate additional headers from Grafana to Loki\n when querying data.\n Search: Sort alphabetically in the folder view, increase\n the limit of the folder search from 50 to 1000.\n TablePanel: Fix last table column to be centered.\n Grafana UI: Export prop types for queryfield, modal and field\n components.\n Toolkit: Fix `Cannot use import statement outside...` error in\n tests.\n- Update to 9.2.0\n Alerting: Add Notification error feedback on contact points\n view.\n Alerting: Allow created by to be manually set when\n there's no creator for silences.\n Alerting: Expose info about notification delivery errors\n in a new /receivers endpoint.\n Alerting: Update imported prometheus alertmanager version.\n Alerting: Write and Delete multiple alert instances.\n Core: Implement aria attributes for query rows, improve a11y.\n DevEnv: Adds docker block for clickhouse.\n Docker: removes unneccesary use of edge repo.\n Explore: Revert split pane resize feature.\n Frontend: Make local storage items propagate to different tabs\n immediately.\n PublicDashboards: Allow disabling an existent public dashboard\n if it.\n QueryEditorRow: Only pass error to query editor if panel\n is not in a loading state.\n XYChart: Beta release.\n Alerting: Start ticker only when scheduler starts.\n Alerting: Fix pq: missing FROM-clause for table 'a'.\n AzureMonitor: Correctly update subscriptions value in ARG\n editor.\n Chore: Regenerate swagger specification and fix validation\n failures.\n Correlations: Only return correlation for which both\n source and target datasources exist.\n Explore: Prevent panes from disappearing when resizing\n window in split view.\n Links: Fix opening links from different orgs on the same tab.\n LogContext: Fix scroll position in upper context group.\n Logs: Show copy button independently from context.\n Loki/Prometheus: Fix adding of ad hoc filters when\n jumping from dashboard to explore.\n Loki: Add support for range aggregations with by grouping.\n Loki: Fix label-value escaping in context query.\n Loki: Fix redundant escaping in adhoc filter with regex match.\n PanelEdit: Fixes resize pane border and spacing issues.\n RBAC: Redirect to /login when forceLogin is set.\n Security: Fix CVE-2022-27664.\n StateTimeline: Fix tooltip showing erroneously in shared\n crosshair dashboards.\n Tempo: Fix unexpected trimming of leading zeroes in traceID.\n Tracing: Fix bug where errors are not reported to OpenTelemetry.\n- Update to 9.1.8\n Alerting: Fix evaluation interval validation.\n Alerting: Fix migration to create rules with group index 1.\n Alerting: Fix migration to not add label 'alertname'.\n Azure Monitor: Fix empty Logs response for Alerting.\n Azure Monitor: Fix subscription selector when changing data\n sources.\n Google Cloud Monitoring: Fix bucket bound for distributions.\n- Update to 9.1.7\n CloudWatch: Add missing AWS/Prometheus metrics.\n Explore: Add feature tracking events.\n Graphite: Add error information to graphite queries tracing.\n Prometheus: Restore FromAlert header.\n Search: Add search index configuration options.\n Thresholds: Add option for dashed line style.\n Alerting: Fix default query's data source when no default\n datasource specified.\n Alerting: Fix mathexp.NoData cannot be reduced.\n Alerting: Skip unsupported file types on provisioning.\n AzureMonitor: Ensure resourceURI template variable is migrated.\n Dashboard: Fix plugin dashboard save as button.\n Docs: Fix decimals: auto docs for panel edit.\n Fix: RBAC handle `error no resolver` found.\n LibraryPanelSearch: Refactor and fix hyphen issue.\n Live: Fix live streaming with `live-service-web-worker` feature\n flag enabled.\n QueryField: Fix wrong cursor position on autocomplete.\n- Update to 9.1.6\n DataSource: Adding possibility to hide queries from the\n inspector.\n Inspect: Hide Actions tab when it is empty.\n PanelMenu: Remove hide legend action as it was showing on\n all panel types.\n Provisioning Contact points: Support disableResolveMessage via\n YAML.\n PublicDashboards: Support subpaths when generating pubdash url.\n Alerting: Fix legacy migration crash when rule name is too long.\n Alerting: Fix send resolved notifications.\n Azure Monitor: Fix migration issue with MetricDefinitionsQuery\n template variable query types.\n Browse: Hide dashboard actions if user does not have enough\n permission.\n ElasticSearch: Fix dispatching queries at a wrong time.\n Panel: Disable legends when showLegend is false prior to\n schema v37.\n Prometheus: Fix metadata requests for browser access mode.\n Search: Avoid requesting all dashboards when in Folder View.\n TablePanel/StatPanel: Fix values not being visible when\n background transparent.\n- Update to 9.1.5\n Alerting: Sanitize invalid label/annotation names for external\n alertmanagers.\n Alerting: Telegram: Truncate long messages to avoid send error.\n DisplayProcessor: Handle reverse-ordered data when auto-showing\n millis.\n Heatmap: Add option to reverse color scheme.\n PluginLoader: Alias slate-react as @grafana/slate-react.\n Search: Add substring matcher, to bring back the old\n dashboard search behavior.\n Traces: More visible span colors.\n Alerting: Fix incorrect propagation of org ID and other\n fields in rule provisioning endpoints.\n Alerting: Resetting the notification policy tree to the default\n policy will also restore default contact points.\n AzureMonitor: Fix custom namespaces.\n AzureMonitor: Fix issue where custom metric namespaces\n are not included in the metric namespace list.\n CloudWatch: Fix display name of metric and namespace.\n Cloudwatch: Fix annotation query serialization issue.\n Dashboard: Fix issue where unsaved changes warning would appear\n even after save, and not being able to change library\n panels.\n Dashboard: Hide overflow content for single left pane.\n Loki: Fix a bug where adding adhoc filters was not possible.\n- Update to 9.1.4\n GrafanaUI: Fixes Chrome issue for various query fields.\n- Update to 9.1.3\n API: Do not expose user input in datasource error responses.\n Library Panel: Allow to delete them when deprecated.\n Plugins Catalog: Allow to filter plugins using special\n characters.\n Alerting: Fix UI bug when setting custom notification\n policy group by.\n AppRootPage: Fix issue navigating between two app plugin pages.\n Correlations: Use correct fallback handlers.\n RBAC: Fix deleting empty snapshots.\n LibraryElements: Fix inability to delete library panels\n under MySQL.\n Metrics: fix `grafana_database_conn_*` metrics, and add\n new `go_sql_stats_*` metrics as eventual replacement.\n TestData DB: Fix node graph not showing when the `Data type`\n field is set to `random`.\n * Deprecations\n The `grafana_database_conn_*` metrics are deprecated, and will\n be removed in a future version of Grafana. Use the\n `go_sql_stats_*` metrics instead.\n- Update to 9.1.2\n AdHoc variable: Correctly preselect datasource when provisioning.\n AzureMonitor: Added ARG query function for template variables.\n Dashboards: Persist details message when navigating through\n dashboard save drawer's tabs.\n Dashboards: Correctly migrate mixed data source targets.\n Elasticsearch: Use millisecond intervals for alerting.\n Elasticsearch: Use millisecond intervals in frontend.\n Geomap: Local color range.\n Plugins Catalog: Use appSubUrl to generate plugins catalog urls.\n Rendering: Add support for renderer token.\n Alerting: Fix saving of screenshots uploaded with a signed url.\n AngularPanels: Fixing changing angular panel options not taking\n having affect when coming back from panel edit.\n Explore: Improve a11y of query row collapse button.\n Geomap: Fix tooltip display.\n QueryEditorRow: Filter data on mount.\n Search: Show all dashboards in the folder view.\n Tracing: Fix the event attributes in opentelemetry tracing.\n GrafanaUI: Fix styles for invalid selects & DataSourcePicker.\n- Update to 9.1.1\n Cloud Monitoring: Support SLO burn rate.\n Schema: Restore 'hidden' in LegendDisplayMode.\n Timeseries: Revert the timezone(s) property name change back to\n singular.\n Alerting: Fix links in Microsoft Teams notifications.\n Alerting: Fix notifications for Microsoft Teams.\n Alerting: Fix width of Adaptive Cards in Teams notifications.\n ColorPickerInput: Fix popover in disabled state.\n Decimals: Fixes auto decimals to behave the same for\n positive and negative values.\n Loki: Fix unique log row id generation.\n Plugins: Fix file extension in development authentication guide.\n TimeSeries: Fix jumping legend issue.\n TimeSeries: Fix memory leak on viz re-init caused by\n KeyboardPlugin.\n TimePicker: Fixes relative timerange of less than a day not\n displaying.\n GrafanaUI: Fixes ClipboardButton to always keep multi line\n content.\n- Update to 9.1.0\n API: Allow creating teams with a user defined identifier.\n Alerting: Adds interval and For to alert rule details.\n Alerting: Extend PUT rule-group route to write the entire\n rule group rather than top-level fields only.\n Alerting: Use Adaptive Cards in Teams notifications.\n Azure Monitor: Add Network Insights Dashboard.\n Chore: Improve logging of unrecoverable errors.\n Correlations: Add UpdateCorrelation HTTP API.\n Dashboard: Reverted the changes of hiding multi-select\n and all variable in the datasource picker.\n Geomap: Add alpha day/night layer.\n Geomap: Add measuring tools.\n GrafanaUI: Add success state to ClipboardButton.\n Heatmap: Replace the heatmap panel with new implementation.\n KVStore: Allow empty value in kv_store.\n Prometheus: Promote Azure auth flag to configuration.\n Search: Display only dashboards in General folder of\n Search Folder View.\n Status history/State timeline: Support datalinks.\n Transform: Add a limit transform.\n Transformations: Add standard deviation and variance reducers.\n API: Fix snapshot responses.\n Access Control: Fix permission error during dashboard\n creation flow.\n Access Control: Set permissions for Grafana's test data source.\n Alerting: Fix migration failure.\n BarGauge: Show empty bar when value, minValue and\n maxValue are all equal.\n Dashboard: Fix color of bold and italics text in panel\n description tooltip.\n Loki: Fix passing of query with defaults to code mode.\n Loki: Fix producing correct log volume query for query\n with comments.\n Loki: Fix showing of unusable labels field in detected fields.\n Tracing: Fix OpenTelemetry Jaeger context propagation.\n Alerting: AlertingProxy to elevate permissions for request\n forwarded to data proxy when RBAC enabled.\n Plugins: Only pass `rootUrls` field in request when not empty.\n Alert notifications to Microsoft Teams now use Adaptive Cards\n instead of Office 365 Connector Cards.\n Starting at 9.1.0, existing heatmap panels will start using a\n new implementation. This can be disabled by setting the\n `useLegacyHeatmapPanel` feature flag to true. It can be\n tested on a single dashbobard by adding\n `?__feature.useLegacyHeatmapPanel=true` to any dashboard URL.\n The most notable changes are:\n Significantly improved rendering performance\n When calculating heatmaps, the buckets are now placed on\n reasonable borders (1m, 5m, 30s etc)\n Round cells are no longer supported\n- Update to 9.0.9\n AuthNZ: Security fixes for CVE-2022-35957 and CVE-2022-36062.\n- Update to 9.0.8\n Alerting: Hide 'no rules' message when we are fetching\n from data sources.\n Alerting: AlertingProxy to elevate permissions for\n request forwarded to data proxy when RBAC enabled.\n- Update to 9.0.7\n CloudMonitoring: Remove link setting for SLO queries.\n GrafanaUI: Render PageToolbar's leftItems regardless of\n title's presence.\n- Update to 9.0.6\n Access Control: Allow org admins to invite new users to\n their organization.\n Grafana/toolkit: Fix incorrect image and font generation\n for plugin builds.\n Prometheus: Fix adding of multiple values for regex operator.\n UI/Card: Fix card items always having pointer cursor.\n- Update to 9.0.5\n Access control: Show dashboard settings to users who can\n edit dashboard.\n Alerting: Allow the webhook notifier to support a custom\n Authorization header.\n Plugins: Add signature wildcard globbing for dedicated\n private plugin type.\n Prometheus: Don't show errors from unsuccessful API\n checks like rules or exemplar checks.\n Access control: Allow organisation admins to add existing\n users to org.\n Alerting: Fix alert panel instance-based rules filtering.\n Apps: Fixes navigation between different app plugin pages.\n Cloudwatch: Upgrade grafana-aws-sdk to fix auth issue\n with secret keys.\n Loki: Fix `show context` not working in some occasions.\n RBAC: Fix permissions on dashboards and folders created\n by anonymous users.\n- Update to 9.0.4\n Browse/Search: Make browser back work properly when\n visiting Browse or search.\n Logs: Improve getLogRowContext API.\n Loki: Improve handling of empty responses.\n Plugins: Always validate root URL if specified in\n signature manfiest.\n Preferences: Get home dashboard from teams.\n SQLStore: Support Upserting multiple rows.\n Traces: Add more template variables in Tempo & Zipkin.\n Traces: Remove serviceMap feature flag.\n Access Control: Fix missing folder permissions.\n Access control: Fix org user removal for OSS users.\n Alerting: Fix Slack notifications.\n Alerting: Preserve new-lines from custom email templates\n in rendered email.\n Log: Fix text logging for unsupported types.\n Loki: Fix incorrect TopK value type in query builder.\n- Update to 9.0.3\n Access Control: Allow dashboard admins to query org users.\n Alerting: Add method to provisioning API for obtaining a\n group and its rules.\n Alerting: Allow filtering of contact points by name.\n Alerting: Disable /api/admin/pause-all-alerts with\n Unified Alerting.\n Annotations: Use point marker for short time range annotations.\n AzureMonitor: Update UI to experimental package.\n AzureMonitor: Update resource and namespace metadata.\n CloudWatch: Remove simplejson in favor of 'encoding/json'.\n DashboardRow: Collapse shortcut prevent to move the\n collapsed rows.\n Navigation: Highlight active nav item when Grafana is\n served from subpath.\n Plugins: InfluxDB datasource - set epoch query param\n value as 'ms'.\n Plugins: InfluxDB update time range query.\n StateTimeline: Try to sort time field.\n API: Do not validate/save legacy alerts when saving a\n dashboard if legacy alerting is disabled.\n Alerting: Add method to reset notification policy tree\n back to the default.\n Alerting: Fix Teams notifier not failing on 200 response\n with error.\n Alerting: Fix bug where state did not change between\n Alerting and Error.\n Alerting: Fix consistency errors in OpenAPI documentation.\n Alerting: Fix normalization of alert states for panel\n Alerting: Provisioning API respects global rule quota.\n CSRF: Fix additional headers option.\n Chore: Bump parse-url to 6.0.2 to fix security vulnerabilities.\n Chore: Fix CVE-2020-7753.\n Chore: Fix CVE-2021-3807.\n Chore: Fix CVE-2021-3918.\n Chore: Fix CVE-2021-43138.\n Chore: Fix CVE-2022-0155.\n Dashboard: Fixes tooltip issue with TimePicker and Setting buttons.\n Dashboard: Prevent unnecessary scrollbar when viewing\n single panel.\n Logs: Fixed wrapping log lines from detected fields.\n Loki: Add missing operators in label filter expression.\n Loki: Fix error when changing operations with different parameters.\n Loki: Fix suggesting of correct operations in query builder.\n Plugins: InfluxDB variable interpolation fix for\n influxdbBackendMigration feature flag.\n SQLstore: Fix fetching an inexistent playlist.\n Security: Fixes for CVE-2022-31107 and CVE-2022-31097.\n Snapshots: Fix deleting external snapshots when using RBAC.\n Table: Fix scrollbar being hidden by pagination.\n Templating: Changing between variables with the same name\n now correctly triggers a dashboard refresh.\n Time series panel: Fix an issue with stacks being not complete\n due to the incorrect data frame length.\n- Update to 9.0.2\n Alerting: Add support for images in Pushover alerts.\n Alerting: Don't stop the migration when alert rule tags\n are invalid.\n Alerting: Skip the default data source if incompatible.\n AzureMonitor: Parse non-fatal errors for Logs.\n OAuth: Restore debug log behavior.\n Plugins: Improved handling of symlinks.\n Alerting: Code-gen parsing of URL parameters and fix\n related bugs.\n Annotations: Fix annotation autocomplete causing panels\n to crash.\n Barchart: Fix warning not showing.\n CloudWatch: Enable custom session duration in AWS plugin auth.\n Dashboards: Fixes issue with the initial panel layout\n counting as an unsaved change.\n Plugins: Use a Grafana specific SDK logger implementation\n for core plugins.\n Search: Fix pagination in the new search page.\n- Update to 9.0.1\n Alerting: Add support for image annotation in\n Alertmanager alerts.\n Alerting: Add support for images in SensuGo alerts.\n Alerting: Add support for images in Threema alerts.\n Alerting: Adds Mimir to Alertmanager data source implementation.\n Alerting: Invalid setting of enabled for unified alerting\n should return error.\n AzureMonitor: Clean namespace when changing the resource.\n AzureMonitor: Update supported namespaces and filter\n resources by the right type.\n CLI: Allow relative symlinks in zip archives when\n installing plugins.\n Dashboard: Don't show unsaved changes modal for automatic\n schema changes.\n Dashboard: Unsaved changes warning should not trigger\n when only pluginVersion has changed.\n Expression: Execute hidden expressions.\n Geomap: Support showing tooltip content on click (not\n just hover).\n Heatmap: Remove alpha flag from new heatmap panel.\n Instrumentation: Define handlers for requests that are\n not handled with named handlers.\n Log Panel: Improve log row hover contrast and visibility.\n Logs: Handle backend-mode errors in histogram.\n Loki: Do not show histogram for instant queries.\n Loki: Handle data source configs with path in the url.\n Loki: Handle invalid query type values.\n OAuth: Redirect to login if no oauth module is found or\n if module is not configured.\n OptionsUI: Move internal options editors out of @grafana/ui.\n Prometheus: Don't show undefined for step in collapsed\n options in query editor when value is 'auto'.\n Prometheus: Show query patterns in all editor modes for\n Prometheus and Loki.\n Tempo: Add link to Tempo Search with node service selected.\n Time Series Panel: Add Null Filling and 'No Value' Support.\n TimeSeries: Add an option to set legend width.\n Timeseries: Improve cursor Y sync behavior.\n Traces: Do not use red in span colors as this looks like\n an error.\n Alerting: Fix AM config overwrite when SQLite db is\n locked during sync.\n Alerting: Fix alert instances filtering for prom rules.\n Alerting: Fix alert rule page crashing when datasource\n contained URL unsafe characters.\n Alerting: Fix automatically select newly created folder option.\n Alerting: Fix removal of notification policy without\n labels matchers.\n CloudWatch: Allow hidden queries to be executed in case\n an ID is provided.\n Dashboard: Prevent non-repeating panels being dropped\n from repeated rows when collapsed/expanded.\n Dashboards: Fix folder picker not showing correct results\n when typing too fast.\n Datasource: Prevent panic when proxying for non-existing\n data source.\n Explore: Fix log context scroll to bottom.\n Explore: Revert 'Remove support for compact format URLs'.\n Expressions: Fixes dashboard schema migration issue that casued\n Expression datasource to be set on panel level.\n Formatting: Fixes valueFormats for a value of 0.\n GrafanaData: Fix week start for non-English browsers.\n LibraryPanel: Resizing a library panel to 6x3 no longer\n crashes the dashboard on startup.\n LogRow: Fix placement of icon.\n Loki: Fix bug in labels framing.\n Loki: Fix issues with using query patterns.\n Loki: Fix showing of duplicated label values in dropdown\n in query builder.\n MSSQL: Fix ParseFloat error.\n Panels: Fixes issue with showing 'Cannot visualize data'\n when query returned 0 rows.\n Playlists: Disable Create Playlist buttons for users with\n viewer role.\n Plugins: Fix typo in plugin data frames documentation.\n Prometheus: Fix body not being included in resource calls\n if they are POST.\n RolePicker: Fix submenu position on horizontal space overflow.\n Tracing: Fix trace links in traces panel.\n Support for compact Explore URLs is deprecated and will be\n removed in a future release. Until then, when navigating to\n Explore using the deprecated format the URLs are\n automatically converted. If you have existing links pointing\n to Explore update them using the format generated by Explore\n upon navigation. You can identify a compact URL by its\n format. Compact URLs have the left (and optionally right) url\n parameter as an array of strings, for example\n `&left=['now-1h','now'...]`. The standard explore URLs follow\n a key/value pattern, for example\n `&left={'datasource':'test'...}`. Please be sure to check\n your dashboards for any hardcoded links to Explore and update\n them to the standard URL pattern.\n- Update to 9.0.0\n API: Add GET /api/annotations/:annotationId endpoint.\n API: Add endpoint for updating a data source by its UID.\n AccessControl: Add enterprise only setting for rbac\n permission cache.\n AccessControl: Document basic roles changes and provisioning V2.\n AccessControl: Enable RBAC by default.\n AddDataSourceConfig: Remove deprecated checkHealth prop.\n Alerting: Add Image URLs to Microsoft Teams notifier.\n Alerting: Add RBAC actions and role for provisioning API routes.\n Alerting: Add Screenshot URLs to Pagerduty Notifier.\n Alerting: Add a 'Reason' to Alert Instances to show\n underlying cause of state.\n Alerting: Add a general screenshot service and\n alerting-specific image service.\n Alerting: Add image url or file attachment to email\n notifications.\n Alerting: Add image_urls to OpsGenie notification details.\n Alerting: Add notification policy flow chart.\n Alerting: Attach image URL to alerts in Webhook notifier format.\n Alerting: Attach image URLs or upload files to Discord\n Alerting: Attach image URLs to Google Chat notifications.\n Alerting: Attach screenshot data to Unified Alerting\n Alerting: Create folder for alerting when start from the\n scratch.\n Alerting: Modify alertmanager endpoints for proxying\n using the datasource UID.\n Alerting: Modify endpoint for testing a datasource rule\n using the UID.\n Alerting: Modify prometheus endpoints for proxying using\n the datasource UID.\n Alerting: State Manager takes screenshots.\n Alerting: Use UID scope for folders authorization.\n Alerting: modify ruler endpoints for proxying using the\n datasource UID.\n Angular: Adds back two angular directives that are still\n used by remaining angular bits and plugins.\n Azure Monitor: Add Resource Picker to Metrics Queries.\n Azure Monitor: Add search feature to resource picker.\n AzureMonitor: Add support for selecting multiple options when\n using the equals and not equals dimension filters.\n AzureMonitor: Remove deprecated code.\n Build: Change names to PascalCase to match.\n Chore: Remove deprecated DataSourceAPI methods.\n Chore: Upgrade typescript to 4.6.4.\n Cloud Monitoring: Use new annotation API.\n CloudMonitoring: Allow to set a custom value or disable\n graph_period.\n CloudWatch: Add generic filter component to variable editor.\n CloudWatch: Added missing AWS/AppRunner metrics.\n CloudWatch: Enable support for dynamic labels with\n migrated alias patterns.\n Cloudwatch: Pass label in deep link.\n Cloudwatch: Use new annotation API.\n Dashboard: Validate dashboards against schema on save.\n DashboardPickerByID: Add option to exclude dashboards.\n DashboardPickerById: Add optionLabel prop.\n Dashboards: Display values of 0 with the configured\n decimal places.\n Data: Remove deprecated types and functions from valueMappings.\n Elasticsearch: Remove browser access mode.\n Elasticsearch: Remove support for versions after their\n end of the life (<7.10.0).\n Encryption: Add support for multiple data keys per day.\n Encryption: Enable envelope encryption by default.\n Explore: Remove support for legacy, compact format URLs.\n Explore: Skip Angular error handling when Angular support\n is disabled.\n Explore: simplify support for multiple query editors.\n FeatureToggles: Support changing feature toggles with URL\n parameters.\n FileUpload: Make component accessible by keyboard navigation.\n Formatting: Make SI number formats more robust.\n Graph: Deprecate Graph (old) and make it no longer a\n visualization option for new panels.\n IconButton: IconButtons are now correctly aligned in Safari.\n Logger: Enable new logging format by default.\n Loki: Add more query patterns.\n Loki: Enable new visual query builder by default.\n Loki: use the same dataframe-format for both live and\n normal queries.\n OAuth: Make allowed email domain case insensitive.\n Panels: Use the No value option when showing the no data\n message.\n Plugins: Remove plugin list panel.\n Query History: Enable new query history by default.\n QueryEditorRow: Show query errors next to query in a\n consistent way across Grafana.\n SAML: Implement Name Templates for\n assertion_attribute_name option.\n Service accounts: Do not display service accounts\n assigned to team.\n Settings: Use Grafana Azure SDK to pass Azure env vars\n for external plugins.\n Shortcuts: Add shortcut to show shortcuts to the list of\n shortcuts.\n Traces Panel: Add new Traces Panel visualization.\n Traces: Filter by service/span name and operation in\n Tempo and Jaeger.\n Transformations: Allow more complex regex expressions\n in `Rename by regex`.\n grafana/ui: Add default type='button' to <Button>.\n Alerting: Fix database unavailable removes rules from scheduler.\n AzureMonitor: Fix auto-selection of time-grain for metrics.\n DataSources: Fixes issue with expressions not being queried.\n GraphNG: Fix thresholds by color not following data update.\n Jaeger: Update operations dropdown.\n Login: Fix mismatching label on auth_module in user list.\n Playlists: Save button now correctly creates a new playlist.\n RBAC: Fix migrations running in the wrong order causing\n inheritance problem in enterprise.\n ServiceAccounts: Add identifiable token prefix to service\n account tokens.\n Traces: Fix missing CopyButton on KeyValueTables and\n overlapping of panels.\n `setExploreQueryField`, `setExploreMetricsQueryField` and\n `setExploreLogsQueryField` are now deprecated and will be\n removed in a future release. If you need to set a different\n query editor for Explore, conditionally render based on\n `props.app` in your regular query editor.\n Chore: Remove react-testing-lib from bundles.\n Select: Portal menu by default.\n The `@grafana/ui` package helper function\n `selectOptionInTest` used in frontend tests has been removed\n as it caused testing libraries to be bundled in the\n production code of Grafana. If you were using this helper\n function in your tests please update your code accordingly:\n ```js\n // before\n import { selectOptionInTest } from '@grafana/ui';\n // ...test usage\n await selectOptionInTest(selectEl, 'Option 2');\n // after\n import { select } from 'react-select-event';\n await select(selectEl, 'Option 2',\n { container: document.body });\n ```\n Removed deprecated `checkHealth` prop from the `@grafana/e2e`\n `addDataSource` config. Previously this value defaulted to\n `false`, and has not been used in end-to-end tests since\n Grafana 8.0.3.\n Removes the deprecated `LegacyBaseMap`, `LegacyValueMapping`,\n `LegacyValueMap`, and `LegacyRangeMap` types, and\n `getMappedValue` function from grafana-data. Migration is as\n follows:\n | Old | New |\n | -------------------- | ----------------------- |\n | `LegacyBaseMap` | `MappingType` |\n | `LegacyValueMapping` | `ValueMapping` |\n | `LegacyValueMap` | `ValueMap` |\n | `LegacyRangeMap` | `RangeMap` |\n | `getMappedValue` | `getValueMappingResult` |\n This change fixes a bug in Grafana where intermittent failure\n of database, network between Grafana and the database, or\n error in querying the database would cause all alert rules to\n be unscheduled in Grafana. Following this change scheduled\n alert rules are not updated unless the query is successful.\n The `get_alert_rules_duration_seconds` metric has been\n renamed to `schedule_query_alert_rules_duration_seconds`.\n Any secret (data sources credential, alert manager\n credential, etc, etc) created or modified with Grafana v9.0\n won't be decryptable from any previous version (by default)\n because the way encrypted secrets are stored into the\n database has changed. Although secrets created or modified\n with previous versions will still be decryptable by Grafana\n v9.0.\n If required, although generally discouraged, the\n `disableEnvelopeEncryption` feature toggle can be enabled to\n keep envelope encryption disabled once updating to Grafana\n In case of need to rollback to an earlier version of Grafana\n (i.e. Grafana v8.x) for any reason, after being created or\n modified any secret with Grafana v9.0, the\n `envelopeEncryption` feature toggle will need to be enabled\n to keep backwards compatibility (only from `v8.3.x` a bit\n unstable, from `8.5.x` stable).\n As a final attempt to deal with issues related with the\n aforementioned situations, the `grafana-cli admin\n secrets-migration rollback` command has been designed to\n move back all the Grafana secrets encrypted with envelope\n encryption to legacy encryption. So, after running that\n command it should be safe to disable envelope encryption\n and/or roll back to a previous version of Grafana.\n Alternatively or complementarily to all the points above,\n backing up the Grafana database before updating could be a\n good idea to prevent disasters (although the risk of getting\n some secrets corrupted only applies to those updates/created\n with after updating to Grafana v9.0).\n According to the dynamic labels documentation, you can use up\n to five dynamic values per label. There’s currently no such\n restriction in the alias pattern system, so if more than 5\n patterns are being used the GetMetricData API will return an\n error.\n Dynamic labels only allow \\${LABEL} to be used once per\n query. There’s no such restriction in the alias pattern\n system, so in case more than 1 is being used the\n GetMetricData API will return an error.\n When no alias is provided by the user, Grafana will no longer\n fallback with custom rules for naming the legend.\n In case a search expression is being used and no data is\n returned, Grafana will no longer expand dimension values, for\n instance when using a multi-valued template variable or star\n wildcard `*` in the dimension value field.\n Time series might be displayed in a different order. Using\n for example the dynamic label `${PROP('MetricName')}`, might\n have the consequence that the time series are returned in a\n different order compared to when the alias pattern\n `{{metric}}` is used\n In Elasticsearch, browser access mode was deprecated in\n grafana 7.4.0 and removed in 9.0.0. If you used this mode,\n please switch to server access mode on the datasource\n configuration page.\n Environment variables passed from Grafana to external Azure\n plugins have been renamed:\n `AZURE_CLOUD` renamed to `GFAZPL_AZURE_CLOUD`\n `AZURE_MANAGED_IDENTITY_ENABLED` renamed to\n `GFAZPL_MANAGED_IDENTITY_ENABLED`\n `AZURE_MANAGED_IDENTITY_CLIENT_ID` renamed to\n `GFAZPL_MANAGED_IDENTITY_CLIENT_ID`\n There are no known plugins which were relying on these\n variables. Moving forward plugins should read Azure settings\n only via Grafana Azure SDK which properly handles old and new\n environment variables.\n Removes support for for ElasticSearch versions after their\n end-of-life, currently versions < 7.10.0. To continue to use\n ElasticSearch data source, upgrade ElasticSearch to version\n 7.10.0+.\n Application Insights and Insight Analytics queries in Azure\n Monitor were deprecated in Grafana 8.0 and finally removed in\n 9.0. Deprecated queries will no longer be executed.\n grafana/ui: Button now specifies a default type='button'\n The `Button` component provided by @grafana/ui now specifies\n a default `type='button'` when no type is provided.\n In previous versions, if the attribute was not specified for\n buttons associated with a `<form>` the default value was\n `submit` per the specification. You can preserve the old\n behavior by explicitly setting the type attribute:\n `<Button type='submit' />`\n The `Rename by regex` transformation has been improved to\n allow global patterns of the form `/<stringToReplace>/g`.\n Depending on the regex match used, this may cause some\n transformations to behave slightly differently. You can\n guarantee the same behaviour as before by wrapping the\n `match` string in forward slashes (`/`), e.g. `(.*)` would\n become `/(.*)/`\n `<Select />` menus will now portal to the document body by\n default. This is to give more consistent behaviour when\n positioning and overlaying. If you were setting\n `menuShouldPortal={true}` before you can safely remove that\n prop and behaviour will be the same. If you weren't\n explicitly setting that prop, there should be no visible\n changes in behaviour but your tests may need updating. If you\n were setting `menuShouldPortal={false}` this will continue to\n prevent the menu from portalling.\n Grafana alerting endpoint prefixed with `api/v1/rule/test`\n that tests a rule against a Corte/Loki data source now\n expects the data source UID as a path parameter instead of\n the data source numeric identifier.\n Grafana alerting endpoints prefixed with `api/prometheus/`\n that proxy requests to a Cortex/Loki data source now expect\n the data source UID as a path parameter instead of the data\n source numeric identifier.\n Grafana alerting endpoints prefixed with `api/ruler/` that\n proxy requests to a Cortex/Loki data source now expect the\n data source UID as a path parameter instead of the data\n Grafana alerting endpoints prefixed with `api/alertmanager/`\n that proxy requests to an Alertmanager now expect the data\n source UID as a path parameter instead of the data source\n numeric identifier.\n The format of log messages have been updated, `lvl` is now\n `level` and `eror`and `dbug` has been replaced with `error`\n and `debug`. The precision of timestamps has been increased.\n To smooth the transition, it is possible to opt-out of the\n new log format by enabling the feature toggle `oldlog`.\n This option will be removed in a future minor release.\n In the Loki data source, the dataframe format used to\n represent Loki logs-data has been changed to a more efficient\n format. The query-result is represented by a single dataframe\n with a 'labels' column, instead of the separate dataframes\n for every labels-value. When displaying such data in explore,\n or in a logs-panel in the dashboard will continue to work\n without changes, but if the data was loaded into a different\n dashboard-panel, or Transforms were used, adjustments may be\n necessary. For example, if you used the 'labels to fields'\n transformation with the logs data, please switch to the\n 'extract fields' transformation.\n- Update to version 8.5.22:\n * Fix XSS in Graphite functions tooltip\n (bsc#1209645, CVE-2023-1410)\n- Update to version 8.5.21:\n * Apply attribute sanitation to GeomapPanel\n (bsc#1208821, CVE-2023-0507)\n * Avoid storing XSS in TraceView panel\n (bsc#1208819, CVE-2023-0594)\n * Login: Fix panic when UpsertUser is called without ReqContext \n- Fix basic authentication bypass by updating the exporter toolkit\n to version 0.7.3 (bsc#1208065, CVE-2022-46146).\n- Require Go 1.19 or newer (bsc#1208293, CVE-2022-41723)\n- Update to version 8.5.20:\n * Security: SVG: Add dompurify preprocessor step\n (bsc#1207749, CVE-2022-23552)\n * Security: Snapshots: Fix originalUrl spoof security issue\n (bsc#1207750, CVE-2022-39324)\n * Security: Omit error from http response \n * Bug fix: Email and username trimming and invitation validation\n- Update to version 8.5.15 (jsc#PED-2617):\n * Security: Fix for privilege escalation\n (bsc#1205225, CVE-2022-39306)\n * Security: Omit error from http response when user does not\n exists (bsc#1205227, CVE-2022-39307)\n- Update to version 8.5.14:\n * Security: Fix do not forward login cookie in outgoing requests\n (bsc#1204303, CVE-2022-39201)\n * Security: Make proxy endpoints not leak sensitive HTTP headers\n (bsc#1204305, CVE-2022-31130)\n * Security: Fix plugin signature bypass (bsc#1204302, CVE-2022-31123)\n * Security: Fix blocknig other users from signing in (bsc#1204304,\n CVE-2022-39229)\n- Update to version 8.5.13 (jsc#PED-2145):\n + Features and enhancements:\n * Plugins: Expose emotion/react to plugins to prevent load\n failures\n + Bug fix:\n * AuthNZ: Security fixes for (bsc#1203596, CVE-2022-36062) and\n (bsc#1203597, CVE-2022-35957)\n- Update to version 8.5.11:\n * Rendering: Add support for renderer token\n * Alerting: AlertingProxy to elevate permissions for request\n forwarded to data proxy when RBAC enabled\n- Update to version 8.5.10\n + Bug fixes (8.5.10):\n * RBAC: Fix Anonymous Editors missing dashboard controls.\n #52649, @gamab\n + Bug fixes (8.5.9):\n * Security: Fixes for CVE-2022-31107 and CVE-2022-31097.\n #52238, @xlson\n + Bug fixes (8.5.6):\n * Dashboard: Fixes random scrolling on time range change.\n #50379, @torkelo\n * Security: Fixes minor code scanning security warnings in old\n vendored javascript libs. #50382, @torkelo\n + Features and enhancements (8.5.5):\n * Azure Monitor: Include datasource ref when interpolating\n variables. #49543, @kevinwcyu\n * CloudWatch: Add multi-value template variable support for log\n group names in logs query builder. #49737, @kevinwcyu\n * Cloudwatch: Add template variable query function for listing\n log groups. #50100, @yaelleC\n + Bug fixes (8.5.5):\n * Alerting: Do not overwrite existing alert rule condition.\n #49920, @gillesdemey\n * Alerting: Remove double quotes from matchers. #50044,\n @alexweav\n + Features and enhancements (8.5.4):\n * Alerting: Remove disabled flag for data source when migrating\n alerts. #48559, @yuri-tceretian\n * Alerting: Show notification tab of legacy alerting only to\n editor. #49624, @yuri-tceretian\n * Alerting: Update migration to migrate only alerts that belong\n to existing org\\dashboard. #49192, @yuri-tceretian\n * AzureMonitor: Do not quote variables when a custom 'All'\n variable option is used. #49428, @andresmgot\n * AzureMonitor: Update allowed namespaces. #48468,\n @jcolladokuri\n * CloudMonitor: Correctly encode default project response.\n #49510, @aangelisc\n * Cloudwatch: Add support for new AWS/RDS EBS* metrics.\n #48798, @szymonpk\n * InfluxDB: Use backend for influxDB by default via feature\n toggle. #48453, @yesoreyeram\n * Legend: Use correct unit for percent and count calculations.\n #49004, @dprokop\n * LokI: use millisecond steps in Grafana 8.5.x. #48630, @gabor\n * Plugins: Introduce HTTP 207 Multi Status response to\n api/ds/query. #48550, @wbrowne\n * Transformations: Add an All Unique Values Reducer. #48653,\n @josiahg\n * Transformers: avoid error when the ExtractFields source field\n is missing. #49368, @wardbekker\n * [v8.5.x] Alerting: Update migration to migrate only alerts\n that belong to existing org\\dashboard. #49199, @grafanabot\n + Bug fixes (8.5.4):\n * Alerting: Allow disabling override timings for notification\n policies. #48648, @gillesdemey\n * Alerting: Allow serving images from custom url path. #49022,\n @gillesdemey\n * Alerting: Apply Custom Headers to datasource queries. #47860,\n @joeblubaugh\n * Alerting: Fix RBAC actions for notification policies. #49185,\n @yuri-tceretian\n * Alerting: Fix access to alerts for viewer with editor\n permissions when RBAC is disabled. #49270, @yuri-tceretian\n * Alerting: Fix anonymous access to alerting. #49203,\n * Alerting: correctly show all alerts in a folder. #48684,\n * AzureMonitor: Fixes metric definition for Azure Storage\n queue/file/blob/table resources. #49101, @aangelisc\n * Dashboard: Fix dashboard update permission check. #48746,\n @IevaVasiljeva\n * DashboardExport: Fix exporting and importing dashboards where\n query data source ended up as incorrect. #48410, @torkelo\n * FileUpload: clicking the Upload file button now opens their\n modal correctly. #48766, @ashharrison90\n * GrafanaUI: Fix color of links in error Tooltips in light\n theme. #49327, @joshhunt\n * LibraryPanels: Fix library panels not connecting properly in\n imported dashboards. #49161, @joshhunt\n * Loki: Improve unpack parser handling. #49074, @gabor\n * RolePicker: Fix menu position on smaller screens. #48429,\n @Clarity-89\n * TimeRange: Fixes updating time range from url and browser\n history. #48657, @torkelo\n * TimeSeries: Fix detection & rendering of sparse datapoints.\n #48841, @leeoniya\n * Timeseries: Fix outside range stale state. #49633, @ryantxu\n * Tooltip: Fix links not legible in Tooltips when using light\n theme. #48748, @joshhunt\n * Tooltip: Sort decimals using standard numeric compare.\n #49084, @dprokop\n * Transforms: Labels to fields, fix label picker layout.\n #49304, @torkelo\n * Variables: Fixes issue with data source variables not\n updating queries with variable. #49478, @torkelo\n * [v8.5.x] Alerting: Fix RBAC actions for notification policies\n (#49185). #49348, @yuri-tceretian\n * [v8.5.x] Alerting: Fix access to alerts for viewer with\n editor permissions when RBAC is disabled. #49427, @konrad147\n * [v8.5.x] Alerting: Fix anonymous access to alerting. #49268,\n + Breaking changes (8.5.4):\n For a data source query made via /api/ds/query:\n If the DatasourceQueryMultiStatus feature is enabled and\n The data source response has an error set as part of the\n DataResponse, the resulting HTTP status code is now 207\n Multi Status instead of 400 Bad gateway\n If the DatasourceQueryMultiStatus feature is not enabled and\n DataResponse, the resulting HTTP status code is 400 Bad\n Request (no breaking change)\n --> Issue #48550\n + Bug fixes (8.5.3):\n * Security: fixes CVE-2022-29170. #49240, @xlson\n + Features and enhancements (8.5.2):\n * Alerting: Add safeguard for migrations that might cause\n dataloss. #48526, @JohnnyQQQQ\n * AzureMonitor: Add support for not equals and startsWith\n operators when creating Azure Metrics dimension filters.\n #48077, @aangelisc\n * Elasticsearch: Add deprecation notice for < 7.10 versions.\n #48506, @ivanahuckova\n * Traces: Filter by service/span name and operation in Tempo\n and Jaeger. #48209, @joey-grafana\n + Bug fixes (8.5.2):\n * AzureAd Oauth: Fix strictMode to reject users without an\n assigned role. #48474, @kyschouv\n * CloudWatch: Fix variable query tag migration. #48587, @iwysiu\n * Plugins: Ensure catching all appropriate 4xx api/ds/query\n scenarios. #47565, @wbrowne\n + Bug fixes (8.5.1):\n * Azure Monitor: Fix space character encoding for metrics query\n link to Azure Portal. #48139, @kevinwcyu\n * CloudWatch: Prevent log groups from being removed on query\n change. #47994, @asimpson\n * Cloudwatch: Fix template variables in variable queries.\n #48140, @iwysiu\n * Explore: Prevent direct access to explore if disabled via\n feature toggle. #47714, @Elfo404\n * InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram\n * Navigation: Prevent navbar briefly showing on login. #47968,\n @ashharrison90\n * Plugins Catalog: Fix styling of hyperlinks. #48196, @marefr\n * Table: Fix filter crashes table. #48258, @zoltanbedi\n * TimeSeries: Properly stack series with missing datapoints.\n #48321, @leeoniya\n + Features and enhancements (8.5.0):\n * Alerting: Add contact points provisioning API. #47197,\n @JohnnyQQQQ\n * Alerting: Add resolved count to notification title when both\n firing and resolved present. #46697, @JacobsonMT\n * Alerting: Alert rule should wait For duration when execution\n error state is Alerting. #47052, @grobinson-grafana\n * Alerting: Classic conditions can now display multiple values.\n #46971, @gotjosh\n * Alerting: Display query from grafana-managed alert rules on\n /api/v1/rules. #45969, @gotjosh\n * Alerting: Enhance support for arbitrary group names in\n managed alerts. #47785, @gillesdemey\n * Alerting: add field for custom slack endpoint. #45751,\n @nathanrodman\n * Azure Monitor : Adding json formatting of error messages in\n Panel Header Corner and Inspect Error Tab. #44877, @yaelleC\n * Azure Monitor: Add 2 more Curated Dashboards for VM Insights.\n #45187, @jcolladokuri\n * CloudWatch: Handle new error codes for MetricInsights.\n #47033, @Gabrielopesantos\n * Dashboards: show changes in save dialog. #46557, @ryantxu\n * DataSource: Default data source is no longer a persisted\n state but just the default data source for new panels.\n #45132, @torkelo\n * DataSourcePlugin API: Allow queries import when changing data\n source type. #47435, @dprokop\n * Explore: Remove return to panel button. #45018, @gelicia\n * Explore: allow users to save Explore state to a new panel in\n a new dashboard. #45148, @Elfo404\n * Instrumentation: Proxy status code correction and various\n improvements. #47473, @marefr\n * Logging: Introduce feature toggle to activate gokit/log\n format. #47336, @ying-jeanne\n * NewsPanel: Add support for Atom feeds. #45390, @kaydelaney\n * Plugins: Add deprecation notice for /api/tsdb/query endpoint.\n #45238, @wbrowne\n * Plugins: Adding support for traceID field to accept\n variables. #45559, @vinisdl\n * PostgreSQL: __unixEpochGroup to support arithmetic expression\n as argument. #46764, @s0nik42\n * Profile/Help: Expose option to disable profile section and\n help menu. #46308, @cameronwaterman\n * Prometheus: Enable new visual query builder by default.\n #46634, @torkelo\n * SAML: Allow disabling of SAML signups. #47481, @mmandrus\n * SAML: Allow disabling of SAML signups. (Enterprise)\n * Table: New pagination option. #45732, @zoltanbedi\n * TablePanel: Add cell inspect option. #45620, @dprokop\n * Tempo / Trace Viewer: Support Span Links in Trace Viewer.\n #45632, @Shachi16\n * Tempo: Download span references in data inspector. #47074,\n @connorlindsey\n * Tempo: Separate trace to logs and loki search datasource\n config. #46655, @connorlindsey\n * Trace View: Show number of child spans. #44393, @tharun208\n * Transformations: Support escaped characters in key-value pair\n parsing. #47901, @aangelisc\n + Bug fixes (8.5.0):\n * Azure Monitor: Bug Fix for incorrect variable cascading for\n template variables. #47478, @jcolladokuri\n * CloudWatch: List all metrics properly in SQL autocomplete.\n #45898, @sunker\n * CloudWatch: Run query on blur in logs query field. #47454,\n @fridgepoet\n * Dashboard: Template variables are now correctly persisted\n when clicking breadcrumb links. #46790, @ashharrison90\n * DashboardPage: Remember scroll position when coming back\n panel edit / view panel. #47639, @torkelo\n * Panel Edit: Options search now works correctly when a\n logarithmic scale option is set. #47927, @ashharrison90\n * Postgres: Return tables with hyphenated schemes. #45754,\n @zuchka\n * Table panel: Fix horizontal scrolling when pagination is\n enabled. #47776, @dprokop\n * Variables: Ensure variables in query params are correctly\n recognised. #47049, @ashharrison90\n * Variables: Fix crash when changing query variable datasource.\n #44957, @joshhunt\n * Visualizations: Stack negative-valued series downwards.\n #47373, @leeoniya\n + Breaking changes (8.5.0):\n For a proxied request, e.g. Grafana's datasource or plugin\n proxy: If the request is cancelled, e.g. from the browser/by\n the client, the HTTP status code is now 499 Client closed\n request instead of 502 Bad gateway If the request times out,\n e.g. takes longer time than allowed, the HTTP status code is\n now 504 Gateway timeout instead of 502 Bad gateway. Issue\n #47473 The change in behavior is that negative-valued series\n are now stacked downwards from 0 (in their own stacks), rather\n than downwards from the top of the positive stacks. We now\n automatically group stacks by Draw style, Line interpolation,\n and Bar alignment, making it impossible to stack bars on top of\n lines, or smooth lines on top of stepped lines. Issue #47373\n The meaning of the default data source has now changed from\n being a persisted property in a panel. Before when you selected\n the default data source for a panel and later changed the\n default data source to another data source it would change all\n panels who were configured to use the default data source. From\n now on the default data source is just the default for new\n panels and changing the default will not impact any currently\n saved dashboards. Issue #45132 The Tooltip component provided\n by @grafana/ui is no longer automatically interactive (that is\n you can hover onto it and click a link or select text). It will\n from now on by default close automatically when you mouse out\n from the trigger element. To make tooltips behave like before\n set the new interactive property to true.\n + Deprecations (8.5.0):\n /api/tsdb/query API has been deprecated and will be removed in\n a future release. Use /api/ds/query instead. Issue #45238\n + Plugin development fixes & changes (8.5.0):\n * Card: Increase clickable area when meta items are present.\n #47935, @ashharrison90\n * Loki: Fix operator description propup from being shortened.\n #46575, @glintik\n * Tooltips: Make tooltips non interactive by default. #45053,\n @torkelo\n + Features and enhancements (8.4.7):\n * CloudWatch: Added missing MemoryDB Namespace metrics. #47290,\n @james-deee\n * Histogram Panel: Take decimal into consideration. #47330,\n @mdvictor\n * TimeSeries: Sort tooltip values based on raw values. #46738,\n @dprokop\n + Bug fixes (8.4.7):\n * API: Include userId, orgId, uname in request logging\n middleware. #47183, @marefr\n * Elasticsearch: Respect maxConcurrentShardRequests datasource\n setting. #47120, @alexandrst88\n + Features and enhancements (8.4.5):\n * Instrumentation: Make backend plugin metrics endpoints\n available with optional authentication. #46467, @marefr\n * Table panel: Show datalinks for cell display modes JSON View\n and Gauge derivates. #46020, @mdvictor\n + Bug fixes (8.4.5):\n * Azure Monitor: Small bug fixes for Resource Picker. #46665,\n @sarahzinger\n * Logger: Use specified format for file logger. #46970, @sakjur\n * Logs: Handle missing fields in dataframes better. #46963,\n @gabor\n * ManageDashboards: Fix error when deleting all dashboards from\n folder view. #46877, @joshhunt\n + Features and enhancements (8.4.4):\n * Loki: Add unpack to autocomplete suggestions (#44623).\n #46573, @glintik\n * Plugins: allow using both Function and Class components for\n app plugins. #46148, @leventebalogh\n * TimeSeries: Add migration for Graph panel's transform series\n override. #46577, @dprokop\n * TimeSeries: Preserve null/undefined values when performing\n negative y transform. #46584, @dprokop\n + Bug fixes (8.4.4):\n * CloudWatch: Use default http client from aws-sdk-go. #46370,\n @sunker\n * Dashboards: Fixes repeating by row and no refresh. #46565,\n * Gauge: Fixes blank viz when data link exists and orientation\n was horizontal. #46335, @torkelo\n * Search: sort results correctly when using postgres. #46466,\n @xlson\n * TagsInput: fix tags remove button accessibility issues.\n #46254, @Elfo404\n * TextPanel: Sanitize after markdown has been rendered to html.\n #46166, @ashharrison90\n + Features and enhancements (8.4.3):\n * Alerting: Grafana uses > instead of >= when checking the For\n duration. #46010\n * Alerting: Use expanded labels in dashboard annotations.\n #45726, @grobinson-grafana\n * Logs: Escape windows newline into single newline. #45771,\n @perosb\n + Bug fixes (8.4.3):\n * Alerting: Fix use of > instead of >= when checking the For\n duration. #46011, @grobinson-grafana\n * Azure Monitor: Fixes broken log queries that use workspace.\n #45820, @sunker\n * CloudWatch: Remove error message when using multi-valued\n template vars in region field. #45886, @sunker\n * Middleware: Fix IPv6 host parsing in CSRF check. #45911,\n @ying-jeanne\n + Plugin development fixes & changes (8.4.3):\n * ClipboardButton: Use a fallback when the Clipboard API is\n unavailable. #45831, @ashharrison90\n + Features and enhancements (8.4.2):\n * OAuth: Add setting to skip org assignment for external\n users. #34834, @baez90\n * Tracing: Add option to map tag names to log label names in\n trace to logs settings. #45178, @connorlindsey\n + Bug fixes (8.4.2):\n * Explore: Fix closing split pane when logs panel is\n used. #45602, @ifrost\n + Features and enhancements (8.4.1):\n * Cloudwatch: Add support for AWS/PrivateLink* metrics and\n dimensions. #45515, @szymonpk\n * Configuration: Add ability to customize okta login button\n name and icon. #44079, @DanCech\n * Tempo: Switch out Select with AsyncSelect component to get\n loading state in Tempo Search. #45110, @CatPerry\n + Bug fixes (8.4.1):\n * Alerting: Fix migrations by making send_alerts_to field\n nullable. #45572, @santihernandezc\n + Features and enhancements (8.4.0):\n * API: Extract OpenAPI specification from source code using\n go-swagger. #40528, @papagian\n * AccessControl: Disable user remove and user update roles when\n they do not have the permissions. #43429, @Jguer\n * AccessControl: Provisioning for teams. #43767, @gamab\n * API: Add usage stats preview endpoint. #43899, @Jguer\n * Alerting: Move slow queries in the scheduler to another\n goroutine. #44423, @grobinson-grafana\n * Alerting: Use time.Ticker instead of alerting.Ticker in\n ngalert. #44395, @grobinson-grafana\n * Alerting: add custom grouping to Alert Panel. #44559,\n * Analytics: Add user id tracking to google analytics.\n #42763, @autoric\n * Angular: Add AngularJS plugin support deprecation plan to\n docs site. #45149, @torkelo\n * Auth: implement auto_sign_up for auth.jwt. #43502, @sakjur\n * Azure Monitor Logs: Order subscriptions in resource picker by\n name. #45228, @sunker\n * Azure monitor Logs: Optimize data fetching in resource\n picker. #44549, @sunker\n * AzureMonitor: Filter list of resources by resourceType.\n #43522, @andresmgot\n * BarChart: color by field, x time field, bar radius, label\n skipping. #43257, @leeoniya\n * Chore: Implement OpenTelemetry in Grafana. #42674, @idafurjes\n * Cloud Monitoring: Adds metric type to Metric drop down\n options. #43268, @tw1nk\n * CloudWatch: Add Data Lifecycle Manager metrics and dimension.\n #43310, @ilyastoli\n * CloudWatch: Add Missing Elasticache Host-level metrics.\n #43455, @dhendo\n * CloudWatch: Add all ElastiCache Redis Metrics. #43336,\n @siavashs\n * CloudWatch: Add new AWS/ES metrics. #43034, @sunker\n * Cloudwatch: Add syntax highlighting and autocomplete for\n 'Metric Search'. #43985, @sarahzinger\n * Explore: Support custom display label for exemplar links for\n Prometheus datasource. #42732, @JokerQueue\n * Hotkeys: Make time range absolute/permanent. #43802, @davkal\n * Playlists: Enable sharing direct links to playlists. #44161,\n * SQLStore: Prevent concurrent migrations. #44101, @papagian\n * SSE: Add Mode to drop NaN/Inf/Null in Reduction operations.\n #43583, @kylebrandt\n * Setting: Support configuring feature toggles with bools\n instead of just passing an array. #43326, @bergquist\n * TimeSeries: Add support for negative Y and constant\n transform. #44774, @dprokop\n * Transformations: Add 'JSON' field type to\n ConvertFieldTypeTransformer. #42624, @sd2k\n + Bug fixes (8.4.0):\n * Auth: Guarantee consistency of signed SigV4 headers.\n #45054, @wbrowne\n * CloudWatch: Fix MetricName resetting on Namespace change.\n #44165, @yaelleC\n * Cloudwatch : Fixed reseting metric name when changing\n namespace in Metric Query. #44612, @yaelleC\n * Explore: Avoid locking timepicker when range is inverted.\n #44790, @Elfo404\n * Instrumentation: Fix HTTP request instrumentation of\n authentication failures. #44234, @marefr\n * LibraryPanels: Prevent long descriptions and names from\n obscuring the delete button. #45190, @zuchka\n * OAuth: Fix parsing of ID token if header contains non-string\n value. #44159, @marefr\n * Panel Edit: Visualization search now works correctly with\n special characters. #45137, @ashharrison90\n * Provisioning: Fix duplicate validation when multiple\n organizations have been configured. #44151, @marefr\n * QueryField: Fix issue with undo history when suggestion is\n inserted (#28656). #39114, @glintik\n * TablePanel: Do not prefix columns with frame name if multiple\n frames and override active. #45174, @mdvictor\n + Deprecations (8.4.0):\n AngularJS plugin support is now in a deprecated state, meaning\n it will be removed in a future release. Currently, that is\n planned for version 10 (in 2023). The documentation site has an\n article with more details on why, when, and how. Issue #45149\n- Update to version 8.3.10\n + Security:\n * Fixes XSS vulnerability in the Unified Alerting\n (bsc#1201535, CVE-2022-31097)\n * Fixes OAuth account takeover vulnerability\n (bsc#1201539, CVE-2022-31107)\n- Update to version 8.3.9\n + Bug fixes:\n * Geomap: Display legend\n * Prometheus: Fix timestamp truncation\n- Update to version 8.3.7\n * Provisioning: Ensure that the default value for orgID is set\n when provisioning datasources to be deleted.\n- Update to version 8.3.6\n * Cloud Monitoring: Reduce request size when listing labels.\n * Explore: Show scalar data result in a table instead of graph.\n * Snapshots: Updates the default external snapshot server URL.\n * Table: Makes footer not overlap table content.\n * Tempo: Add request histogram to service graph datalink.\n * Tempo: Add time range to tempo search query behind a feature flag.\n * Tempo: Auto-clear results when changing query type.\n * Tempo: Display start time in search results as relative time.\n * CloudMonitoring: Fix resource labels in query editor.\n * Cursor sync: Apply the settings without saving the dashboard.\n * LibraryPanels: Fix for Error while cleaning library panels.\n * Logs Panel: Fix timestamp parsing for string dates without timezone.\n * Prometheus: Fix some of the alerting queries that use reduce/math operation.\n * TablePanel: Fix ad-hoc variables not working on default datasources.\n * Text Panel: Fix alignment of elements.\n * Variables: Fix for constant variables in self referencing links.\n- Update _constraints to require at least 5GB, because with less we\n can't build it.\n- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422,\n jsc#SLE-24565)\n + Security: Fixes CVE-2021-43813 and CVE-2021-43815,\n bsc#1193686.\n + Security: Fixes CVE-2021-43798, bsc#1193492.\n + Security: Fixes CVE-2021-41244, bsc#1192763.\n + Security: Fixes CVE-2021-41174, bsc#1192383.\n fix CVE-2021-3711, bsc#1189520.\n * Security: Update dependencies to fix CVE-2021-36222,\n bsc#1188571.\n\nmgr-push:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.6-1\n * Remove unused makefiles\n- Version 4.4.5-1\n * Use http to connect to localhost server\n * Use bundle CA certificate in rhnpush\n- Version 4.4.4-1\n * remove pylint check at build time\n- Version 4.4.3-1\n * Ensure installation of make for building\n- Version 4.4.2-1\n * Update translation strings\n- Version 4.4.1-1\n * Bump version to 4.4.0\n\nprometheus-blackbox_exporter:\n\n- Use obscpio for go modules service\n- Set version number\n- Set build date from SOURCE_DATE_EPOCH\n- Update to 0.24.0 (bsc#1212279, jsc#PED-4556)\n * Requires go1.19\n- Drop:\n- Avoid empty validation script\n- Add rc symlink for backwards compatibility\n- Fix authentication bypass via cache poisoning\n (CVE-2022-46146, bsc#1208062)\n- Add `min_version` parameter of `tls_config` to allow enabling\n TLS 1.0 and 1.1 (bsc#1209113)\n- On SUSE Linux Enterprise build always with Go >= 1.19 (bsc#1203599)\n- Build with go1.18 only for SLE-15-SP3 and \n build with >= go1.19 on higher SP (bsc#1203599)\n- Require go1.18 (bsc#1203599, GH#19127)\n- Exclude s390 arch\n- Fix %pre section to avoid empty content\n- Updated to allow building on older rpmbuild.\n- Enhanced to build on Enterprise Linux 8\n\nprometheus-postgres_exporter:\n\n- CVE-2022-46146: Fix authentication bypass via cache poisoning (bsc#1208060)\n- Remove duplicated call to systemd requirements\n- Do not build debug if RHEL >= 8\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Build at least with with Go >= 1.18 on RHEL\n- Build with Go >= 1.20 elsewhere\n- Adapt the systemd service security configuration\n to be able to start it on RHEL systems and clones\n- Create the prometheus user for RHEL systems and clones\n- Fix _service to pull correct version\n- Use go_modules source service\n- Upgrade to version 0.10.1:\n * Fix broken log-level for values other than debug (bsc#1208965)\n- Version/release lines above first usage of those macros.\n gh#uyuni-project/uyuni#5418\n- Prevent empty %pre section\n- Exclude s390 builds \n- Updated for RHEL8.\n\npython-hwdata:\n\n- Declare the LICENSE file as license and not doc\n\npython-pyvmomi:\n\n- Preparing submission to SUSE:SLE-15-SP3:Update as part of ECO PED-3623.\n\nrhnlib:\n\n- Version 5.0.1-1\n * Specify a packager for Debian like distros\n- Version 4.4.6-1\n * Remove unused makefiles\n- Version 4.4.5-1\n * Use bundle CA certificate in rhnpush\n- Version 4.4.4-1\n * Only use TLSv1+ for SSL connections\n- Version 4.4.3-1\n * Ensure installation of make for building\n- Version 4.4.2-1\n * Don't get stuck at the end of SSL transfers (bsc#1204032)\n- Version 4.4.1-1\n * Bump version to 4.4.0\n\nspacecmd:\n\n- Version 5.0.1-1\n * Use localhost without ssl when running on the server\n- Version 4.4.10-1\n * Update translation strings\n- Version 4.4.9-1\n- Version 4.4.8-1\n * Add spacecmd function: cryptokey_update\n * Bypass traditional systems check on older SUMA instances (bsc#1208612)\n * fix argument parsing of distribution_update (bsc#1210458)\n- Version 4.4.7-1\n * remove pylint check at build time\n * Display activation key details after executing the corresponding command (bsc#1208719)\n * Show targetted packages before actually removing them (bsc#1207830)\n- Version 4.4.6-1\n * Fix spacecmd not showing any output for softwarechannel_diff \n and softwarechannel_errata_diff (bsc#1207352)\n- Version 4.4.5-1\n * Prevent string api parameters to be parsed as dates if not in\n ISO-8601 format (bsc#1205759)\n * Add python-dateutil dependency, required to process date values in\n spacecmd api calls\n * Remove python3-simplejson dependency\n- Version 4.4.4-1\n * Correctly understand 'ssm' keyword on scap scheduling\n * Add vendor_advisory information to errata_details call (bsc#1205207)\n * Change default port of 'Containerized Proxy configuration' 8022\n- Version 4.4.3-1\n * Added two missing options to schedule product migration: allow-vendor-change\n and remove-products-without-successor (bsc#1204126)\n * Changed schedule product migration to use the correct API method\n * Fix dict_keys not supporting indexing in systems_setconfigchannelorger\n * Added a warning message for traditional stack deprecation\n * Remove 'Undefined return code' from debug messages (bsc#1203283)\n- Version 4.4.2-1\n * Stop always showing help for valid proxy_container_config calls\n- Version 4.4.1-1\n * Process date values in spacecmd api calls (bsc#1198903)\n * Improve Proxy FQDN hint message\n- Version 4.3.14-1\n * Fix missing argument on system_listmigrationtargets (bsc#1201003)\n * Show correct help on calling kickstart_importjson with no arguments\n * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)\n * Change proxy container config default filename to end with tar.gz\n- Version 4.3.13-1\n- Version 4.3.12-1\n- Version 4.3.11-1\n * on full system update call schedulePackageUpdate API (bsc#1197507)\n\nspacewalk-client-tools:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.7-1\n * Remove unused and deprecated/removed platform.dist import.\n- Version 4.4.6-1\n * Update translation strings\n * Tito requires to list the package source as %{name}-%{version}.tar.gz\n- Version 4.4.5-1\n * remove mgr-virtualization usage\n * remove dependency to suseRegisterInfo\n- Version 4.4.4-1\n- Version 4.4.3-1\n- Version 4.4.2-1\n- Version 4.4.1-1\n- Version 4.3.11-1\n- Version 4.3.10-1\n\nsupportutils-plugin-salt:\n\n- Update to version 1.2.2\n * Remove possible passwords from Salt configuration files (bsc#1201059)\n- Update to version 1.2.1\n * Remove ERROR messages on Salt client systems\n- Declare the LICENSE file as license and not doc\n- Update to version 1.2.0\n * Add support for Salt Bundle\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.2-1\n * write configured crypto-policy in supportconfig\n * add cloud and payg checks\n- Version 4.4.1-1\n * Bump version to 4.4.0\n- Version 4.3.2-1\n * Add proxy containers config and logs\n\nuyuni-common-libs:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.4-1\n * Workaround for python3-debian bug about collecting control file (bsc#1211525, bsc#1208692)\n * Accept missing rhn.conf file\n * Use context manager for apache users in fileutils.py.\n- Version 4.4.3-1\n * Ensure installation of make for building.\n * Use versioned Python during packaging.\n- Version 4.4.2-1\n * unify user notification code on java side\n- Version 4.4.1-1\n * Do not allow creating path if nonexistent user or group in fileutils.\n- Version 4.3.5-1\n * Fix reposync issue about 'rpm.hdr' object has no attribute 'get'\n\nuyuni-proxy-systemd-services:\n\n- Version 5.0.1-1\n * Bump version to 5.0.0\n- Version 4.4.2-1\n * Fix script for allowing using container images from different registry paths\n * Allow using container images from different registry paths\n- Version 4.4.1-1\n * Expose /etc/sysconfig/proxy variables to container services (bsc#1202945)\n- Version 4.3.6-1\n * Expose port 80 (bsc#1200142)\n * Use volumes rather than bind mounts\n * TFTPD to listen on udp port (bsc#1200968)\n * Add TAG variable in configuration \n- Version 4.3.5-1\n * Fix containers namespaces in configuration\n- Version 4.3.4-1\n * Rename container_images_path specfile macro to less generic one\n- Version 4.3.3-1\n * Default to SUSE Manager images only when installed from SUSE Manager\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-196,SUSE-SLE-Manager-Tools-15-BETA-2024-196,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-196", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0196-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:0196-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20240196-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:0196-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html", }, { category: "self", summary: "SUSE Bug 1172110", url: "https://bugzilla.suse.com/1172110", }, { category: "self", summary: "SUSE Bug 1176460", url: "https://bugzilla.suse.com/1176460", }, { category: "self", summary: "SUSE Bug 1180816", url: "https://bugzilla.suse.com/1180816", }, { category: "self", summary: "SUSE Bug 1180942", url: "https://bugzilla.suse.com/1180942", }, { category: "self", summary: "SUSE Bug 1181119", url: "https://bugzilla.suse.com/1181119", }, { category: "self", summary: "SUSE Bug 1181935", url: "https://bugzilla.suse.com/1181935", }, { category: "self", summary: "SUSE Bug 1183684", url: "https://bugzilla.suse.com/1183684", }, { category: "self", summary: "SUSE Bug 1187725", url: "https://bugzilla.suse.com/1187725", }, { category: "self", summary: "SUSE Bug 1188061", url: "https://bugzilla.suse.com/1188061", }, { category: "self", summary: "SUSE Bug 1188571", url: "https://bugzilla.suse.com/1188571", }, { category: "self", summary: "SUSE Bug 1189520", url: "https://bugzilla.suse.com/1189520", }, { category: "self", summary: "SUSE Bug 1191454", url: "https://bugzilla.suse.com/1191454", }, { category: "self", summary: "SUSE Bug 1192154", url: "https://bugzilla.suse.com/1192154", }, { category: "self", summary: "SUSE Bug 1192383", url: "https://bugzilla.suse.com/1192383", }, { category: "self", summary: "SUSE Bug 1192696", url: "https://bugzilla.suse.com/1192696", }, { category: "self", summary: "SUSE Bug 1192763", url: "https://bugzilla.suse.com/1192763", }, { category: "self", summary: "SUSE Bug 1193492", url: "https://bugzilla.suse.com/1193492", }, { category: "self", summary: "SUSE Bug 1193686", url: "https://bugzilla.suse.com/1193686", }, { category: "self", summary: "SUSE Bug 1193688", url: "https://bugzilla.suse.com/1193688", }, { category: "self", summary: "SUSE Bug 1197507", url: "https://bugzilla.suse.com/1197507", }, { category: "self", summary: "SUSE Bug 1198903", url: "https://bugzilla.suse.com/1198903", }, { category: "self", summary: "SUSE Bug 1199810", url: "https://bugzilla.suse.com/1199810", }, { category: "self", summary: "SUSE Bug 1200142", url: "https://bugzilla.suse.com/1200142", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1200591", url: "https://bugzilla.suse.com/1200591", }, { category: "self", summary: "SUSE Bug 1200968", url: "https://bugzilla.suse.com/1200968", }, { category: "self", summary: "SUSE Bug 1200970", url: "https://bugzilla.suse.com/1200970", }, { category: "self", summary: "SUSE Bug 1201003", url: "https://bugzilla.suse.com/1201003", }, { category: "self", summary: "SUSE Bug 1201059", url: "https://bugzilla.suse.com/1201059", }, { category: "self", summary: "SUSE Bug 1201535", url: "https://bugzilla.suse.com/1201535", }, { category: "self", summary: "SUSE Bug 1201539", url: "https://bugzilla.suse.com/1201539", }, { category: "self", summary: "SUSE Bug 1202614", url: "https://bugzilla.suse.com/1202614", }, { category: "self", summary: "SUSE Bug 1202945", url: "https://bugzilla.suse.com/1202945", }, { category: "self", summary: "SUSE Bug 1203283", url: "https://bugzilla.suse.com/1203283", }, { category: "self", summary: "SUSE Bug 1203596", url: "https://bugzilla.suse.com/1203596", }, { category: "self", summary: "SUSE Bug 1203597", url: "https://bugzilla.suse.com/1203597", }, { category: "self", summary: "SUSE Bug 1203599", url: "https://bugzilla.suse.com/1203599", }, { category: "self", summary: "SUSE Bug 1204032", url: "https://bugzilla.suse.com/1204032", }, { category: "self", summary: "SUSE Bug 1204126", url: "https://bugzilla.suse.com/1204126", }, { category: "self", summary: "SUSE Bug 1204302", url: "https://bugzilla.suse.com/1204302", }, { category: "self", summary: "SUSE Bug 1204303", url: "https://bugzilla.suse.com/1204303", }, { category: "self", summary: "SUSE Bug 1204304", url: "https://bugzilla.suse.com/1204304", }, { category: "self", summary: "SUSE Bug 1204305", url: "https://bugzilla.suse.com/1204305", }, { category: "self", summary: "SUSE Bug 1204501", url: "https://bugzilla.suse.com/1204501", }, { category: "self", summary: "SUSE Bug 1205207", url: "https://bugzilla.suse.com/1205207", }, { category: "self", summary: "SUSE Bug 1205225", url: "https://bugzilla.suse.com/1205225", }, { category: "self", summary: "SUSE Bug 1205227", url: "https://bugzilla.suse.com/1205227", }, { category: "self", summary: "SUSE Bug 1205599", url: "https://bugzilla.suse.com/1205599", }, { category: "self", summary: "SUSE Bug 1205759", url: "https://bugzilla.suse.com/1205759", }, { category: "self", summary: "SUSE Bug 1207352", url: "https://bugzilla.suse.com/1207352", }, { category: "self", summary: "SUSE Bug 1207749", url: "https://bugzilla.suse.com/1207749", }, { category: "self", summary: "SUSE Bug 1207750", url: "https://bugzilla.suse.com/1207750", }, { category: "self", summary: "SUSE Bug 1207830", url: "https://bugzilla.suse.com/1207830", }, { category: "self", summary: "SUSE Bug 1208046", url: "https://bugzilla.suse.com/1208046", }, { category: "self", summary: "SUSE Bug 1208049", url: "https://bugzilla.suse.com/1208049", }, { category: "self", summary: "SUSE Bug 1208060", url: "https://bugzilla.suse.com/1208060", }, { category: "self", summary: "SUSE Bug 1208062", url: "https://bugzilla.suse.com/1208062", }, { category: "self", summary: "SUSE Bug 1208065", url: "https://bugzilla.suse.com/1208065", }, { category: "self", summary: "SUSE Bug 1208270", url: "https://bugzilla.suse.com/1208270", }, { category: "self", summary: "SUSE Bug 1208293", url: "https://bugzilla.suse.com/1208293", }, { category: "self", summary: "SUSE Bug 1208298", url: "https://bugzilla.suse.com/1208298", }, { category: "self", summary: "SUSE Bug 1208612", url: "https://bugzilla.suse.com/1208612", }, { category: "self", summary: "SUSE Bug 1208692", url: "https://bugzilla.suse.com/1208692", }, { category: "self", summary: "SUSE Bug 1208719", url: "https://bugzilla.suse.com/1208719", }, { category: "self", summary: "SUSE Bug 1208819", url: "https://bugzilla.suse.com/1208819", }, { category: "self", summary: "SUSE Bug 1208821", url: "https://bugzilla.suse.com/1208821", }, { category: "self", summary: "SUSE Bug 1208965", url: "https://bugzilla.suse.com/1208965", }, { category: "self", summary: "SUSE Bug 1209113", url: "https://bugzilla.suse.com/1209113", }, { category: "self", summary: "SUSE Bug 1209645", url: "https://bugzilla.suse.com/1209645", }, { category: "self", summary: "SUSE Bug 1210458", url: "https://bugzilla.suse.com/1210458", }, { category: "self", summary: "SUSE Bug 1210640", url: "https://bugzilla.suse.com/1210640", }, { category: "self", summary: "SUSE Bug 1210907", url: "https://bugzilla.suse.com/1210907", }, { category: "self", summary: "SUSE Bug 1211525", url: "https://bugzilla.suse.com/1211525", }, { category: "self", summary: "SUSE Bug 1212099", url: "https://bugzilla.suse.com/1212099", }, { category: "self", summary: "SUSE Bug 1212100", url: "https://bugzilla.suse.com/1212100", }, { category: "self", summary: "SUSE Bug 1212279", url: "https://bugzilla.suse.com/1212279", }, { category: "self", summary: "SUSE Bug 1212641", url: "https://bugzilla.suse.com/1212641", }, { category: "self", summary: "SUSE Bug 1218843", url: "https://bugzilla.suse.com/1218843", }, { category: "self", summary: "SUSE Bug 1218844", url: "https://bugzilla.suse.com/1218844", }, { category: "self", summary: "SUSE CVE CVE-2020-7753 page", url: "https://www.suse.com/security/cve/CVE-2020-7753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3447 page", url: "https://www.suse.com/security/cve/CVE-2021-3447/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, { category: "self", summary: "SUSE CVE CVE-2021-3620 page", url: "https://www.suse.com/security/cve/CVE-2021-3620/", }, { category: "self", summary: "SUSE CVE CVE-2021-36222 page", url: "https://www.suse.com/security/cve/CVE-2021-36222/", }, { category: "self", summary: "SUSE CVE CVE-2021-3711 page", url: "https://www.suse.com/security/cve/CVE-2021-3711/", }, { category: "self", summary: "SUSE CVE CVE-2021-3807 page", url: "https://www.suse.com/security/cve/CVE-2021-3807/", }, { category: "self", summary: "SUSE CVE CVE-2021-3918 page", url: "https://www.suse.com/security/cve/CVE-2021-3918/", }, { category: "self", summary: "SUSE CVE CVE-2021-41174 page", url: "https://www.suse.com/security/cve/CVE-2021-41174/", }, { category: "self", summary: "SUSE CVE CVE-2021-41244 page", url: "https://www.suse.com/security/cve/CVE-2021-41244/", }, { category: "self", summary: "SUSE CVE CVE-2021-43138 page", url: "https://www.suse.com/security/cve/CVE-2021-43138/", }, { category: "self", summary: "SUSE CVE CVE-2021-43798 page", url: "https://www.suse.com/security/cve/CVE-2021-43798/", }, { category: "self", summary: "SUSE CVE CVE-2021-43813 page", url: "https://www.suse.com/security/cve/CVE-2021-43813/", }, { category: "self", summary: "SUSE CVE CVE-2021-43815 page", url: "https://www.suse.com/security/cve/CVE-2021-43815/", }, { category: "self", summary: "SUSE CVE CVE-2022-0155 page", url: "https://www.suse.com/security/cve/CVE-2022-0155/", }, { category: "self", summary: "SUSE CVE CVE-2022-23552 page", url: "https://www.suse.com/security/cve/CVE-2022-23552/", }, { category: "self", summary: "SUSE CVE CVE-2022-27664 page", url: "https://www.suse.com/security/cve/CVE-2022-27664/", }, { category: "self", summary: "SUSE CVE CVE-2022-29170 page", url: "https://www.suse.com/security/cve/CVE-2022-29170/", }, { category: "self", summary: "SUSE CVE CVE-2022-31097 page", url: "https://www.suse.com/security/cve/CVE-2022-31097/", }, { category: "self", summary: "SUSE CVE CVE-2022-31107 page", url: "https://www.suse.com/security/cve/CVE-2022-31107/", }, { category: "self", summary: "SUSE CVE CVE-2022-31123 page", url: "https://www.suse.com/security/cve/CVE-2022-31123/", }, { category: "self", summary: "SUSE CVE CVE-2022-31130 page", url: "https://www.suse.com/security/cve/CVE-2022-31130/", }, { category: "self", summary: "SUSE CVE CVE-2022-32149 page", url: "https://www.suse.com/security/cve/CVE-2022-32149/", }, { category: "self", summary: "SUSE CVE CVE-2022-35957 page", url: "https://www.suse.com/security/cve/CVE-2022-35957/", }, { category: "self", summary: "SUSE CVE CVE-2022-36062 page", url: "https://www.suse.com/security/cve/CVE-2022-36062/", }, { category: "self", summary: "SUSE CVE CVE-2022-39201 page", url: "https://www.suse.com/security/cve/CVE-2022-39201/", }, { category: "self", summary: "SUSE CVE CVE-2022-39229 page", url: "https://www.suse.com/security/cve/CVE-2022-39229/", }, { category: "self", summary: "SUSE CVE CVE-2022-39306 page", url: "https://www.suse.com/security/cve/CVE-2022-39306/", }, { category: "self", summary: "SUSE CVE CVE-2022-39307 page", url: "https://www.suse.com/security/cve/CVE-2022-39307/", }, { category: "self", summary: "SUSE CVE CVE-2022-39324 page", url: "https://www.suse.com/security/cve/CVE-2022-39324/", }, { category: "self", summary: "SUSE CVE CVE-2022-41715 page", url: "https://www.suse.com/security/cve/CVE-2022-41715/", }, { category: "self", summary: "SUSE CVE CVE-2022-41723 page", url: "https://www.suse.com/security/cve/CVE-2022-41723/", }, { category: "self", summary: "SUSE CVE CVE-2022-46146 page", url: "https://www.suse.com/security/cve/CVE-2022-46146/", }, { category: "self", summary: "SUSE CVE CVE-2023-0507 page", url: "https://www.suse.com/security/cve/CVE-2023-0507/", }, { category: "self", summary: "SUSE CVE CVE-2023-0594 page", url: "https://www.suse.com/security/cve/CVE-2023-0594/", }, { category: "self", summary: "SUSE CVE CVE-2023-1387 page", url: "https://www.suse.com/security/cve/CVE-2023-1387/", }, { category: "self", summary: "SUSE CVE CVE-2023-1410 page", url: "https://www.suse.com/security/cve/CVE-2023-1410/", }, { category: "self", summary: "SUSE CVE CVE-2023-2183 page", url: "https://www.suse.com/security/cve/CVE-2023-2183/", }, { category: "self", summary: "SUSE CVE CVE-2023-2801 page", url: "https://www.suse.com/security/cve/CVE-2023-2801/", }, { category: "self", summary: "SUSE CVE CVE-2023-3128 page", url: "https://www.suse.com/security/cve/CVE-2023-3128/", }, ], title: "Security Beta update for SUSE Manager Client Tools and Salt", tracking: { current_release_date: "2024-01-23T15:20:05Z", generator: { date: "2024-01-23T15:20:05Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:0196-1", initial_release_date: "2024-01-23T15:20:05Z", revision_history: [ { date: "2024-01-23T15:20:05Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", product: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", product_id: "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", }, }, { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", }, }, { category: "product_version", name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", product: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", product_id: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", }, }, { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", product: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", product_id: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", }, }, { category: "product_version", name: "grafana-9.5.8-159000.4.24.1.aarch64", product: { name: "grafana-9.5.8-159000.4.24.1.aarch64", product_id: "grafana-9.5.8-159000.4.24.1.aarch64", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", product: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", product_id: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", product: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", product_id: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", product: { name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", product_id: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", product: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", product_id: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", }, }, { category: "product_version", name: "python3-yarl-1.3.0-159000.3.6.1.aarch64", product: { name: "python3-yarl-1.3.0-159000.3.6.1.aarch64", product_id: "python3-yarl-1.3.0-159000.3.6.1.aarch64", }, }, { category: "product_version", name: "uyuni-base-common-5.0.1-159000.3.18.1.aarch64", product: { name: "uyuni-base-common-5.0.1-159000.3.18.1.aarch64", product_id: "uyuni-base-common-5.0.1-159000.3.18.1.aarch64", }, }, { category: "product_version", name: "uyuni-base-proxy-5.0.1-159000.3.18.1.aarch64", product: { name: "uyuni-base-proxy-5.0.1-159000.3.18.1.aarch64", product_id: "uyuni-base-proxy-5.0.1-159000.3.18.1.aarch64", }, }, { category: "product_version", name: "uyuni-base-server-5.0.1-159000.3.18.1.aarch64", product: { name: "uyuni-base-server-5.0.1-159000.3.18.1.aarch64", product_id: "uyuni-base-server-5.0.1-159000.3.18.1.aarch64", }, }, { category: "product_version", name: "wire-0.5.0-159000.3.9.1.aarch64", product: { name: "wire-0.5.0-159000.3.9.1.aarch64", product_id: "wire-0.5.0-159000.3.9.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-2.9.27-159000.3.9.1.noarch", product: { name: "ansible-2.9.27-159000.3.9.1.noarch", product_id: "ansible-2.9.27-159000.3.9.1.noarch", }, }, { category: "product_version", name: "ansible-doc-2.9.27-159000.3.9.1.noarch", product: { name: "ansible-doc-2.9.27-159000.3.9.1.noarch", product_id: "ansible-doc-2.9.27-159000.3.9.1.noarch", }, }, { category: "product_version", name: "ansible-test-2.9.27-159000.3.9.1.noarch", product: { name: "ansible-test-2.9.27-159000.3.9.1.noarch", product_id: "ansible-test-2.9.27-159000.3.9.1.noarch", }, }, { category: "product_version", name: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", product: { name: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", product_id: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", }, }, { category: "product_version", name: "mgr-push-5.0.1-159000.4.21.1.noarch", product: { name: "mgr-push-5.0.1-159000.4.21.1.noarch", product_id: "mgr-push-5.0.1-159000.4.21.1.noarch", }, }, { category: "product_version", name: "python2-hwdata-2.3.5-159000.5.13.1.noarch", product: { name: "python2-hwdata-2.3.5-159000.5.13.1.noarch", product_id: "python2-hwdata-2.3.5-159000.5.13.1.noarch", }, }, { category: "product_version", name: "python2-pyvmomi-6.7.3-159000.3.6.1.noarch", product: { name: "python2-pyvmomi-6.7.3-159000.3.6.1.noarch", product_id: "python2-pyvmomi-6.7.3-159000.3.6.1.noarch", }, }, { category: "product_version", name: "python3-hwdata-2.3.5-159000.5.13.1.noarch", product: { name: "python3-hwdata-2.3.5-159000.5.13.1.noarch", product_id: "python3-hwdata-2.3.5-159000.5.13.1.noarch", }, }, { category: "product_version", name: "python3-mgr-push-5.0.1-159000.4.21.1.noarch", product: { name: "python3-mgr-push-5.0.1-159000.4.21.1.noarch", product_id: "python3-mgr-push-5.0.1-159000.4.21.1.noarch", }, }, { category: "product_version", name: "python3-pyvmomi-6.7.3-159000.3.6.1.noarch", product: { name: "python3-pyvmomi-6.7.3-159000.3.6.1.noarch", product_id: "python3-pyvmomi-6.7.3-159000.3.6.1.noarch", }, }, { category: "product_version", name: "python3-rhnlib-5.0.1-159000.6.30.1.noarch", product: { name: "python3-rhnlib-5.0.1-159000.6.30.1.noarch", product_id: "python3-rhnlib-5.0.1-159000.6.30.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", product: { name: "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", product_id: "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", product: { name: "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", product_id: "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", product: { name: "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", product_id: "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", }, }, { category: "product_version", name: "spacecmd-5.0.1-159000.6.42.1.noarch", product: { name: "spacecmd-5.0.1-159000.6.42.1.noarch", product_id: "spacecmd-5.0.1-159000.6.42.1.noarch", }, }, { category: "product_version", name: "spacewalk-check-5.0.1-159000.6.48.1.noarch", product: { name: "spacewalk-check-5.0.1-159000.6.48.1.noarch", product_id: "spacewalk-check-5.0.1-159000.6.48.1.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", product: { name: "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", product_id: "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", product: { name: "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", product_id: "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", }, }, { category: "product_version", name: "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", product: { name: "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", product_id: "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", }, }, { category: "product_version", name: "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", product: { name: "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", product_id: "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", }, }, { category: "product_version", name: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", product: { name: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", product_id: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", product: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", product_id: "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", }, }, { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", }, }, { category: "product_version", name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", product: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", product_id: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", }, }, { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", product: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", product_id: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", }, }, { category: "product_version", name: "grafana-9.5.8-159000.4.24.1.ppc64le", product: { name: "grafana-9.5.8-159000.4.24.1.ppc64le", product_id: "grafana-9.5.8-159000.4.24.1.ppc64le", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", product: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", product_id: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", product: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", product_id: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", }, }, { category: "product_version", name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", product: { name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", product_id: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", }, }, { category: "product_version", name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", product: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", product_id: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", }, }, { category: "product_version", name: "python3-yarl-1.3.0-159000.3.6.1.ppc64le", product: { name: "python3-yarl-1.3.0-159000.3.6.1.ppc64le", product_id: "python3-yarl-1.3.0-159000.3.6.1.ppc64le", }, }, { category: "product_version", name: "uyuni-base-common-5.0.1-159000.3.18.1.ppc64le", product: { name: "uyuni-base-common-5.0.1-159000.3.18.1.ppc64le", product_id: "uyuni-base-common-5.0.1-159000.3.18.1.ppc64le", }, }, { category: "product_version", name: "uyuni-base-proxy-5.0.1-159000.3.18.1.ppc64le", product: { name: "uyuni-base-proxy-5.0.1-159000.3.18.1.ppc64le", product_id: "uyuni-base-proxy-5.0.1-159000.3.18.1.ppc64le", }, }, { category: "product_version", name: "uyuni-base-server-5.0.1-159000.3.18.1.ppc64le", product: { name: "uyuni-base-server-5.0.1-159000.3.18.1.ppc64le", product_id: "uyuni-base-server-5.0.1-159000.3.18.1.ppc64le", }, }, { category: "product_version", name: "wire-0.5.0-159000.3.9.1.ppc64le", product: { name: "wire-0.5.0-159000.3.9.1.ppc64le", product_id: "wire-0.5.0-159000.3.9.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "firewalld-prometheus-config-0.1-159000.6.33.1.s390x", product: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.s390x", product_id: "firewalld-prometheus-config-0.1-159000.6.33.1.s390x", }, }, { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", }, }, { category: "product_version", name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", product: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", product_id: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", }, }, { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", product: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", product_id: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", }, }, { category: "product_version", name: "grafana-9.5.8-159000.4.24.1.s390x", product: { name: "grafana-9.5.8-159000.4.24.1.s390x", product_id: "grafana-9.5.8-159000.4.24.1.s390x", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", product: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", product_id: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", product: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", product_id: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", }, }, { category: "product_version", name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", product: { name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", product_id: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", }, }, { category: "product_version", name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", product: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", product_id: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", }, }, { category: "product_version", name: "python3-yarl-1.3.0-159000.3.6.1.s390x", product: { name: "python3-yarl-1.3.0-159000.3.6.1.s390x", product_id: "python3-yarl-1.3.0-159000.3.6.1.s390x", }, }, { category: "product_version", name: "uyuni-base-common-5.0.1-159000.3.18.1.s390x", product: { name: "uyuni-base-common-5.0.1-159000.3.18.1.s390x", product_id: "uyuni-base-common-5.0.1-159000.3.18.1.s390x", }, }, { category: "product_version", name: "uyuni-base-proxy-5.0.1-159000.3.18.1.s390x", product: { name: "uyuni-base-proxy-5.0.1-159000.3.18.1.s390x", product_id: "uyuni-base-proxy-5.0.1-159000.3.18.1.s390x", }, }, { category: "product_version", name: "uyuni-base-server-5.0.1-159000.3.18.1.s390x", product: { name: "uyuni-base-server-5.0.1-159000.3.18.1.s390x", product_id: "uyuni-base-server-5.0.1-159000.3.18.1.s390x", }, }, { category: "product_version", name: "wire-0.5.0-159000.3.9.1.s390x", product: { name: "wire-0.5.0-159000.3.9.1.s390x", product_id: "wire-0.5.0-159000.3.9.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", product: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", product_id: "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", }, }, { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", }, }, { category: "product_version", name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", product: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", product_id: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", }, }, { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", product: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", product_id: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", }, }, { category: "product_version", name: "grafana-9.5.8-159000.4.24.1.x86_64", product: { name: "grafana-9.5.8-159000.4.24.1.x86_64", product_id: "grafana-9.5.8-159000.4.24.1.x86_64", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", product: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", product_id: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", product: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", product_id: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", product: { name: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", product_id: "python2-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", product: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", product_id: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", }, }, { category: "product_version", name: "python3-yarl-1.3.0-159000.3.6.1.x86_64", product: { name: "python3-yarl-1.3.0-159000.3.6.1.x86_64", product_id: "python3-yarl-1.3.0-159000.3.6.1.x86_64", }, }, { category: "product_version", name: "uyuni-base-common-5.0.1-159000.3.18.1.x86_64", product: { name: "uyuni-base-common-5.0.1-159000.3.18.1.x86_64", product_id: "uyuni-base-common-5.0.1-159000.3.18.1.x86_64", }, }, { category: "product_version", name: "uyuni-base-proxy-5.0.1-159000.3.18.1.x86_64", product: { name: "uyuni-base-proxy-5.0.1-159000.3.18.1.x86_64", product_id: "uyuni-base-proxy-5.0.1-159000.3.18.1.x86_64", }, }, { category: "product_version", name: "uyuni-base-server-5.0.1-159000.3.18.1.x86_64", product: { name: "uyuni-base-server-5.0.1-159000.3.18.1.x86_64", product_id: "uyuni-base-server-5.0.1-159000.3.18.1.x86_64", }, }, { category: "product_version", name: "wire-0.5.0-159000.3.9.1.x86_64", product: { name: "wire-0.5.0-159000.3.9.1.x86_64", product_id: "wire-0.5.0-159000.3.9.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Client Tools 15-BETA", product: { name: "SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA", }, }, { category: "product_name", name: "SUSE Manager Client Tools Beta for SLE Micro 5", product: { name: "SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5", product_identification_helper: { cpe: "cpe:/o:suse:sle-manager-tools-beta-micro:5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.9.27-159000.3.9.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", }, product_reference: "ansible-2.9.27-159000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.27-159000.3.9.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", }, product_reference: "ansible-doc-2.9.27-159000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", }, product_reference: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", }, product_reference: "firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", }, product_reference: "firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", }, product_reference: "firewalld-prometheus-config-0.1-159000.6.33.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", }, product_reference: "firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", }, product_reference: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", }, product_reference: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", }, product_reference: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", }, product_reference: "golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-159000.4.24.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", }, product_reference: "grafana-9.5.8-159000.4.24.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-159000.4.24.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", }, product_reference: "grafana-9.5.8-159000.4.24.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-159000.4.24.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", }, product_reference: "grafana-9.5.8-159000.4.24.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-159000.4.24.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", }, product_reference: "grafana-9.5.8-159000.4.24.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "mgr-push-5.0.1-159000.4.21.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", }, product_reference: "mgr-push-5.0.1-159000.4.21.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", }, product_reference: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", }, product_reference: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", }, product_reference: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", }, product_reference: "prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-159000.5.13.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", }, product_reference: "python3-hwdata-2.3.5-159000.5.13.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-push-5.0.1-159000.4.21.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", }, product_reference: "python3-mgr-push-5.0.1-159000.4.21.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-pyvmomi-6.7.3-159000.3.6.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", }, product_reference: "python3-pyvmomi-6.7.3-159000.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-rhnlib-5.0.1-159000.6.30.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", }, product_reference: "python3-rhnlib-5.0.1-159000.6.30.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", }, product_reference: "python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", }, product_reference: "python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", }, product_reference: "python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", }, product_reference: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", }, product_reference: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", }, product_reference: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64 as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", }, product_reference: "python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "spacecmd-5.0.1-159000.6.42.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", }, product_reference: "spacecmd-5.0.1-159000.6.42.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", }, product_reference: "spacewalk-check-5.0.1-159000.6.48.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", }, product_reference: "spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", }, product_reference: "spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", }, product_reference: "supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", }, product_reference: "supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch as component of SUSE Manager Client Tools 15-BETA", product_id: "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", }, product_reference: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15-BETA", }, { category: "default_component_of", full_product_name: { name: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", }, product_reference: "dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", }, product_reference: "prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, { category: "default_component_of", full_product_name: { name: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5", product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", }, product_reference: "uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5", }, ], }, vulnerabilities: [ { cve: "CVE-2020-7753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-7753", }, ], notes: [ { category: "general", text: "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-7753", url: "https://www.suse.com/security/cve/CVE-2020-7753", }, { category: "external", summary: "SUSE Bug 1218843 for CVE-2020-7753", url: "https://bugzilla.suse.com/1218843", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2020-7753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3447", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3447", }, ], notes: [ { category: "general", text: "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3447", url: "https://www.suse.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "SUSE Bug 1183684 for CVE-2021-3447", url: "https://bugzilla.suse.com/1183684", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-3447", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-3583", }, { cve: "CVE-2021-3620", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3620", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3620", url: "https://www.suse.com/security/cve/CVE-2021-3620", }, { category: "external", summary: "SUSE Bug 1187725 for CVE-2021-3620", url: "https://bugzilla.suse.com/1187725", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-3620", }, { cve: "CVE-2021-36222", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-36222", }, ], notes: [ { category: "general", text: "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-36222", url: "https://www.suse.com/security/cve/CVE-2021-36222", }, { category: "external", summary: "SUSE Bug 1188571 for CVE-2021-36222", url: "https://bugzilla.suse.com/1188571", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2021-36222", }, { cve: "CVE-2021-3711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3711", }, ], notes: [ { category: "general", text: "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3711", url: "https://www.suse.com/security/cve/CVE-2021-3711", }, { category: "external", summary: "SUSE Bug 1189520 for CVE-2021-3711", url: "https://bugzilla.suse.com/1189520", }, { category: "external", summary: "SUSE Bug 1190129 for CVE-2021-3711", url: "https://bugzilla.suse.com/1190129", }, { category: "external", summary: "SUSE Bug 1192100 for CVE-2021-3711", url: "https://bugzilla.suse.com/1192100", }, { category: "external", summary: "SUSE Bug 1205663 for CVE-2021-3711", url: "https://bugzilla.suse.com/1205663", }, { category: "external", summary: "SUSE Bug 1225628 for CVE-2021-3711", url: "https://bugzilla.suse.com/1225628", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "critical", }, ], title: "CVE-2021-3711", }, { cve: "CVE-2021-3807", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3807", }, ], notes: [ { category: "general", text: "ansi-regex is vulnerable to Inefficient Regular Expression Complexity", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3807", url: "https://www.suse.com/security/cve/CVE-2021-3807", }, { category: "external", summary: "SUSE Bug 1192154 for CVE-2021-3807", url: "https://bugzilla.suse.com/1192154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2021-3807", }, { cve: "CVE-2021-3918", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3918", }, ], notes: [ { category: "general", text: "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3918", url: "https://www.suse.com/security/cve/CVE-2021-3918", }, { category: "external", summary: "SUSE Bug 1192696 for CVE-2021-3918", url: "https://bugzilla.suse.com/1192696", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2021-3918", }, { cve: "CVE-2021-41174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41174", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor('alert(1)')()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-41174", url: "https://www.suse.com/security/cve/CVE-2021-41174", }, { category: "external", summary: "SUSE Bug 1192383 for CVE-2021-41174", url: "https://bugzilla.suse.com/1192383", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-41174", }, { cve: "CVE-2021-41244", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41244", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. In affected versions when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance admins are able to access users from other organizations. Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users' roles in other organizations in which they are not an admin. With fine-grained access control enabled, organization admins can list, add, remove and update users' roles in another organization, where they do not have organization admin role. All installations between v8.0 and v8.2.3 that have fine-grained access control beta enabled and more than one organization should be upgraded as soon as possible. If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-41244", url: "https://www.suse.com/security/cve/CVE-2021-41244", }, { category: "external", summary: "SUSE Bug 1192763 for CVE-2021-41244", url: "https://bugzilla.suse.com/1192763", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "critical", }, ], title: "CVE-2021-41244", }, { cve: "CVE-2021-43138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43138", }, ], notes: [ { category: "general", text: "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43138", url: "https://www.suse.com/security/cve/CVE-2021-43138", }, { category: "external", summary: "SUSE Bug 1200480 for CVE-2021-43138", url: "https://bugzilla.suse.com/1200480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2021-43138", }, { cve: "CVE-2021-43798", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43798", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43798", url: "https://www.suse.com/security/cve/CVE-2021-43798", }, { category: "external", summary: "SUSE Bug 1193492 for CVE-2021-43798", url: "https://bugzilla.suse.com/1193492", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2021-43798", }, { cve: "CVE-2021-43813", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43813", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files with the extension .md to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Users should upgrade to patched versions 8.3.2 or 7.5.12. For users who cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths. Alternatively, for fully lowercase or fully uppercase .md files, users can block /api/plugins/.*/markdown/.* without losing any functionality beyond inlined plugin help text.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43813", url: "https://www.suse.com/security/cve/CVE-2021-43813", }, { category: "external", summary: "SUSE Bug 1193686 for CVE-2021-43813", url: "https://bugzilla.suse.com/1193686", }, { category: "external", summary: "SUSE Bug 1193688 for CVE-2021-43813", url: "https://bugzilla.suse.com/1193688", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-43813", }, { cve: "CVE-2021-43815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43815", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43815", url: "https://www.suse.com/security/cve/CVE-2021-43815", }, { category: "external", summary: "SUSE Bug 1193686 for CVE-2021-43815", url: "https://bugzilla.suse.com/1193686", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2021-43815", }, { cve: "CVE-2022-0155", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0155", }, ], notes: [ { category: "general", text: "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-0155", url: "https://www.suse.com/security/cve/CVE-2022-0155", }, { category: "external", summary: "SUSE Bug 1218844 for CVE-2022-0155", url: "https://bugzilla.suse.com/1218844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-0155", }, { cve: "CVE-2022-23552", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23552", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include either an external URL to a SVG-file containing JavaScript, or use the `data:` scheme to load an inline SVG-file containing JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.16, 9.2.10, or 9.3.4 to receive a fix.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-23552", url: "https://www.suse.com/security/cve/CVE-2022-23552", }, { category: "external", summary: "SUSE Bug 1207749 for CVE-2022-23552", url: "https://bugzilla.suse.com/1207749", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-23552", }, { cve: "CVE-2022-27664", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-27664", }, ], notes: [ { category: "general", text: "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-27664", url: "https://www.suse.com/security/cve/CVE-2022-27664", }, { category: "external", summary: "SUSE Bug 1203185 for CVE-2022-27664", url: "https://bugzilla.suse.com/1203185", }, { category: "external", summary: "SUSE Bug 1203293 for CVE-2022-27664", url: "https://bugzilla.suse.com/1203293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-27664", }, { cve: "CVE-2022-29170", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-29170", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn't call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-29170", url: "https://www.suse.com/security/cve/CVE-2022-29170", }, { category: "external", summary: "SUSE Bug 1199810 for CVE-2022-29170", url: "https://bugzilla.suse.com/1199810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-29170", }, { cve: "CVE-2022-31097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31097", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31097", url: "https://www.suse.com/security/cve/CVE-2022-31097", }, { category: "external", summary: "SUSE Bug 1201535 for CVE-2022-31097", url: "https://bugzilla.suse.com/1201535", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-31097", }, { cve: "CVE-2022-31107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31107", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31107", url: "https://www.suse.com/security/cve/CVE-2022-31107", }, { category: "external", summary: "SUSE Bug 1201539 for CVE-2022-31107", url: "https://bugzilla.suse.com/1201539", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-31107", }, { cve: "CVE-2022-31123", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31123", }, ], notes: [ { category: "general", text: "Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsigned plugins are not allowed. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not install plugins downloaded from untrusted sources.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31123", url: "https://www.suse.com/security/cve/CVE-2022-31123", }, { category: "external", summary: "SUSE Bug 1204302 for CVE-2022-31123", url: "https://bugzilla.suse.com/1204302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "low", }, ], title: "CVE-2022-31123", }, { cve: "CVE-2022-31130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31130", }, ], notes: [ { category: "general", text: "Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy endpoints with authentication tokens. The destination plugin could receive a user's Grafana authentication token. Versions 9.1.8 and 8.5.14 contain a patch for this issue. As a workaround, do not use API keys, JWT authentication, or any HTTP Header based authentication.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31130", url: "https://www.suse.com/security/cve/CVE-2022-31130", }, { category: "external", summary: "SUSE Bug 1204305 for CVE-2022-31130", url: "https://bugzilla.suse.com/1204305", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-31130", }, { cve: "CVE-2022-32149", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-32149", }, ], notes: [ { category: "general", text: "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-32149", url: "https://www.suse.com/security/cve/CVE-2022-32149", }, { category: "external", summary: "SUSE Bug 1204501 for CVE-2022-32149", url: "https://bugzilla.suse.com/1204501", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-32149", }, { cve: "CVE-2022-35957", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-35957", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As a workaround deactivate auth proxy following the instructions at: https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/auth-proxy/", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-35957", url: "https://www.suse.com/security/cve/CVE-2022-35957", }, { category: "external", summary: "SUSE Bug 1203597 for CVE-2022-35957", url: "https://bugzilla.suse.com/1203597", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-35957", }, { cve: "CVE-2022-36062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-36062", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerability impacts Grafana instances where RBAC was disabled and enabled afterwards, as the migrations which are translating legacy folder permissions to RBAC permissions do not account for the scenario where the only user permission in the folder is Admin, as a result RBAC adds permissions for Editors and Viewers which allow them to edit and view folders accordingly. This issue has been patched in versions 8.5.13, 9.0.9, and 9.1.6. A workaround when the impacted folder/dashboard is known is to remove the additional permissions manually.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-36062", url: "https://www.suse.com/security/cve/CVE-2022-36062", }, { category: "external", summary: "SUSE Bug 1203596 for CVE-2022-36062", url: "https://bugzilla.suse.com/1203596", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-36062", }, { cve: "CVE-2022-39201", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-39201", }, ], notes: [ { category: "general", text: "Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-39201", url: "https://www.suse.com/security/cve/CVE-2022-39201", }, { category: "external", summary: "SUSE Bug 1204303 for CVE-2022-39201", url: "https://bugzilla.suse.com/1204303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-39201", }, { cve: "CVE-2022-39229", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-39229", }, ], notes: [ { category: "general", text: "Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user's username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`'s email address. This prevents `user_1` logging into the application since `user_1`'s password won't match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-39229", url: "https://www.suse.com/security/cve/CVE-2022-39229", }, { category: "external", summary: "SUSE Bug 1204304 for CVE-2022-39229", url: "https://bugzilla.suse.com/1204304", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "low", }, ], title: "CVE-2022-39229", }, { cve: "CVE-2022-39306", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-39306", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a member of the organization. This introduces a vulnerability which can be used with malicious intent. This issue is patched in version 9.2.4, and has been backported to 8.5.15. There are no known workarounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-39306", url: "https://www.suse.com/security/cve/CVE-2022-39306", }, { category: "external", summary: "SUSE Bug 1205225 for CVE-2022-39306", url: "https://bugzilla.suse.com/1205225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-39306", }, { cve: "CVE-2022-39307", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-39307", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a \"user not found\" message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. There are no known workarounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-39307", url: "https://www.suse.com/security/cve/CVE-2022-39307", }, { category: "external", summary: "SUSE Bug 1205227 for CVE-2022-39307", url: "https://bugzilla.suse.com/1205227", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-39307", }, { cve: "CVE-2022-39324", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-39324", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker's injected URL. This issue is fixed in versions 8.5.16 and 9.2.8.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-39324", url: "https://www.suse.com/security/cve/CVE-2022-39324", }, { category: "external", summary: "SUSE Bug 1207750 for CVE-2022-39324", url: "https://bugzilla.suse.com/1207750", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-39324", }, { cve: "CVE-2022-41715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-41715", }, ], notes: [ { category: "general", text: "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-41715", url: "https://www.suse.com/security/cve/CVE-2022-41715", }, { category: "external", summary: "SUSE Bug 1204023 for CVE-2022-41715", url: "https://bugzilla.suse.com/1204023", }, { category: "external", summary: "SUSE Bug 1208441 for CVE-2022-41715", url: "https://bugzilla.suse.com/1208441", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2022-41715", }, { cve: "CVE-2022-41723", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-41723", }, ], notes: [ { category: "general", text: "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-41723", url: "https://www.suse.com/security/cve/CVE-2022-41723", }, { category: "external", summary: "SUSE Bug 1208270 for CVE-2022-41723", url: "https://bugzilla.suse.com/1208270", }, { category: "external", summary: "SUSE Bug 1215588 for CVE-2022-41723", url: "https://bugzilla.suse.com/1215588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-41723", }, { cve: "CVE-2022-46146", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-46146", }, ], notes: [ { category: "general", text: "Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-46146", url: "https://www.suse.com/security/cve/CVE-2022-46146", }, { category: "external", summary: "SUSE Bug 1208046 for CVE-2022-46146", url: "https://bugzilla.suse.com/1208046", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2022-46146", }, { cve: "CVE-2023-0507", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0507", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. \n\nThe stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. \n\nAn attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. \n\nThis means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. \n\nUsers may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix. \n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-0507", url: "https://www.suse.com/security/cve/CVE-2023-0507", }, { category: "external", summary: "SUSE Bug 1208821 for CVE-2023-0507", url: "https://bugzilla.suse.com/1208821", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2023-0507", }, { cve: "CVE-2023-0594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0594", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded. An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. Users may upgrade to version 8.5.21, 9.2.13 and 9.3.8 to receive a fix.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-0594", url: "https://www.suse.com/security/cve/CVE-2023-0594", }, { category: "external", summary: "SUSE Bug 1208819 for CVE-2023-0594", url: "https://bugzilla.suse.com/1208819", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2023-0594", }, { cve: "CVE-2023-1387", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1387", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-1387", url: "https://www.suse.com/security/cve/CVE-2023-1387", }, { category: "external", summary: "SUSE Bug 1210907 for CVE-2023-1387", url: "https://bugzilla.suse.com/1210907", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2023-1387", }, { cve: "CVE-2023-1410", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1410", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. \n\nGrafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. \n\nThe stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized.\n\nAn attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the description. \n\n Users may upgrade to version 8.5.22, 9.2.15 and 9.3.11 to receive a fix. \n\n\n\n\n\n\n\n\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-1410", url: "https://www.suse.com/security/cve/CVE-2023-1410", }, { category: "external", summary: "SUSE Bug 1209645 for CVE-2023-1410", url: "https://bugzilla.suse.com/1209645", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2023-1410", }, { cve: "CVE-2023-2183", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2183", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. \n\nThe option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function.\n\nThis might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server.\n\nUsers may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-2183", url: "https://www.suse.com/security/cve/CVE-2023-2183", }, { category: "external", summary: "SUSE Bug 1212100 for CVE-2023-2183", url: "https://bugzilla.suse.com/1212100", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "moderate", }, ], title: "CVE-2023-2183", }, { cve: "CVE-2023-2801", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2801", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. \n\nUsing public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance.\n\nThe only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly.\n\nThis might enable malicious users to crash Grafana instances through that endpoint.\n\nUsers may upgrade to version 9.4.12 and 9.5.3 to receive a fix.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-2801", url: "https://www.suse.com/security/cve/CVE-2023-2801", }, { category: "external", summary: "SUSE Bug 1212099 for CVE-2023-2801", url: "https://bugzilla.suse.com/1212099", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "important", }, ], title: "CVE-2023-2801", }, { cve: "CVE-2023-3128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3128", }, ], notes: [ { category: "general", text: "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-3128", url: "https://www.suse.com/security/cve/CVE-2023-3128", }, { category: "external", summary: "SUSE Bug 1212641 for CVE-2023-3128", url: "https://bugzilla.suse.com/1212641", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.4, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, products: [ "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.9.1.noarch", "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:firewalld-prometheus-config-0.1-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-boynux-squid_exporter-1.6-159000.4.9.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-lusitaniae-apache_exporter-1.0.0-159000.4.12.1.x86_64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.s390x", "SUSE Manager Client Tools 15-BETA:golang-github-prometheus-prometheus-2.45.0-159000.6.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.aarch64", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.ppc64le", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.s390x", "SUSE Manager Client Tools 15-BETA:grafana-9.5.8-159000.4.24.1.x86_64", "SUSE Manager Client Tools 15-BETA:mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.aarch64", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.ppc64le", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.s390x", "SUSE Manager Client Tools 15-BETA:prometheus-postgres_exporter-0.10.1-159000.3.6.1.x86_64", "SUSE Manager Client Tools 15-BETA:python3-hwdata-2.3.5-159000.5.13.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-mgr-push-5.0.1-159000.4.21.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-pyvmomi-6.7.3-159000.3.6.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-rhnlib-5.0.1-159000.6.30.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.aarch64", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.ppc64le", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.s390x", "SUSE Manager Client Tools 15-BETA:python3-uyuni-common-libs-5.0.1-159000.3.33.1.x86_64", "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.1-159000.6.42.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.1-159000.6.48.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-salt-1.2.2-159000.5.9.1.noarch", "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.1-159000.6.15.1.noarch", "SUSE Manager Client Tools 15-BETA:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:dracut-saltboot-0.1.1681904360.84ef141-159000.3.30.1.noarch", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-159000.4.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.aarch64", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.s390x", "SUSE Manager Client Tools Beta for SLE Micro 5:prometheus-blackbox_exporter-0.24.0-159000.3.6.1.x86_64", "SUSE Manager Client Tools Beta for SLE Micro 5:uyuni-proxy-systemd-services-5.0.1-159000.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-01-23T15:20:05Z", details: "critical", }, ], title: "CVE-2023-3128", }, ], }
suse-su-2022:3178-1
Vulnerability from csaf_suse
Published
2022-09-08 07:35
Modified
2022-09-08 07:35
Summary
Important security update for SUSE Manager Client Tools
Notes
Title of the patch
Important security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
ansible:
- Update to version 2.9.27 (jsc#SLE-23631, jsc#SLE-24133)
* CVE-2021-3620 ansible-connection module discloses sensitive info in traceback error message (in 2.9.27) (bsc#1187725)
* CVE-2021-3583 Template Injection through yaml multi-line strings with ansible facts used in template. (in 2.9.23) (bsc#1188061)
* ansible module nmcli is broken in ansible 2.9.13 (in 2.9.15) (bsc#1176460)
- Update to 2.9.22:
* CVE-2021-3447 (bsc#1183684) multiple modules expose secured values
* CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option
* CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values
* CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values
* CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module
dracut-saltboot:
- Require e2fsprogs (bsc#1202614)
- Update to version 0.1.1657643023.0d694ce
* Update dracut-saltboot dependencies (bsc#1200970)
* Fix network loading when ipappend is used in pxe config
* Add new information messages
golang-github-QubitProducts-exporter_exporter:
- Remove license file from %doc
mgr-daemon:
- Version 4.3.5-1
* Update translation strings
mgr-virtualization:
- Version 4.3.6-1
* Report all VMs in poller, not only running ones (bsc#1199528)
prometheus-blackbox_exporter:
- Exclude s390 arch
python-hwdata:
- Declare the LICENSE file as license and not doc
spacecmd:
- Version 4.3.14-1
* Fix missing argument on system_listmigrationtargets (bsc#1201003)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
* Change proxy container config default filename to end with tar.gz
* Update translation strings
spacewalk-client-tools:
- Version 4.3.11-1
* Update translation strings
uyuni-common-libs:
- Version 4.3.5-1
* Fix reposync issue about 'rpm.hdr' object has no attribute 'get'
uyuni-proxy-systemd-services:
- Version 4.3.6-1
* Expose port 80 (bsc#1200142)
* Use volumes rather than bind mounts
* TFTPD to listen on udp port (bsc#1200968)
* Add TAG variable in configuration
* Fix containers namespaces in configuration
zypp-plugin-spacewalk:
- 1.0.13
* Log in before listing channels. (bsc#1197963, bsc#1193585)
Patchnames
SUSE-2022-3178,SUSE-SLE-Manager-Tools-15-2022-3178,SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-3178,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3178,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-3178,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-3178,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3178,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3178,SUSE-SLE-Product-HPC-15-2022-3178,SUSE-SLE-Product-SLES-15-2022-3178,SUSE-SLE-Product-SLES_SAP-15-2022-3178,openSUSE-SLE-15.3-2022-3178,openSUSE-SLE-15.4-2022-3178
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Important security update for SUSE Manager Client Tools", title: "Title of the patch", }, { category: "description", text: "This update fixes the following issues:\n\nansible:\n\n- Update to version 2.9.27 (jsc#SLE-23631, jsc#SLE-24133)\n * CVE-2021-3620 ansible-connection module discloses sensitive info in traceback error message (in 2.9.27) (bsc#1187725)\n * CVE-2021-3583 Template Injection through yaml multi-line strings with ansible facts used in template. (in 2.9.23) (bsc#1188061)\n * ansible module nmcli is broken in ansible 2.9.13 (in 2.9.15) (bsc#1176460)\n- Update to 2.9.22:\n * CVE-2021-3447 (bsc#1183684) multiple modules expose secured values \n * CVE-2021-20228 (bsc#1181935) basic.py no_log with fallback option\n * CVE-2021-20191 (bsc#1181119) multiple collections exposes secured values\n * CVE-2021-20180 (bsc#1180942) bitbucket_pipeline_variable exposes sensitive values\n * CVE-2021-20178 (bsc#1180816) user data leak in snmp_facts module\n\ndracut-saltboot:\n\n- Require e2fsprogs (bsc#1202614)\n- Update to version 0.1.1657643023.0d694ce\n * Update dracut-saltboot dependencies (bsc#1200970)\n * Fix network loading when ipappend is used in pxe config\n * Add new information messages\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Remove license file from %doc\n\nmgr-daemon:\n\n- Version 4.3.5-1\n * Update translation strings\n\nmgr-virtualization:\n\n- Version 4.3.6-1\n * Report all VMs in poller, not only running ones (bsc#1199528)\n\nprometheus-blackbox_exporter:\n\n- Exclude s390 arch\n\npython-hwdata:\n\n- Declare the LICENSE file as license and not doc\n\nspacecmd:\n\n- Version 4.3.14-1\n * Fix missing argument on system_listmigrationtargets (bsc#1201003)\n * Show correct help on calling kickstart_importjson with no arguments\n * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)\n * Change proxy container config default filename to end with tar.gz\n * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 4.3.11-1\n * Update translation strings\n\nuyuni-common-libs:\n\n- Version 4.3.5-1\n * Fix reposync issue about 'rpm.hdr' object has no attribute 'get'\n\nuyuni-proxy-systemd-services:\n\n- Version 4.3.6-1\n * Expose port 80 (bsc#1200142)\n * Use volumes rather than bind mounts\n * TFTPD to listen on udp port (bsc#1200968)\n * Add TAG variable in configuration \n * Fix containers namespaces in configuration\n\nzypp-plugin-spacewalk:\n\n- 1.0.13\n * Log in before listing channels. (bsc#1197963, bsc#1193585)\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-3178,SUSE-SLE-Manager-Tools-15-2022-3178,SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-3178,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3178,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-3178,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-3178,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3178,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3178,SUSE-SLE-Product-HPC-15-2022-3178,SUSE-SLE-Product-SLES-15-2022-3178,SUSE-SLE-Product-SLES_SAP-15-2022-3178,openSUSE-SLE-15.3-2022-3178,openSUSE-SLE-15.4-2022-3178", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3178-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:3178-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223178-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:3178-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012182.html", }, { category: "self", summary: "SUSE Bug 1176460", url: "https://bugzilla.suse.com/1176460", }, { category: "self", summary: "SUSE Bug 1180816", url: "https://bugzilla.suse.com/1180816", }, { category: "self", summary: "SUSE Bug 1180942", url: "https://bugzilla.suse.com/1180942", }, { category: "self", summary: "SUSE Bug 1181119", url: "https://bugzilla.suse.com/1181119", }, { category: "self", summary: "SUSE Bug 1181935", url: "https://bugzilla.suse.com/1181935", }, { category: "self", summary: "SUSE Bug 1183684", url: "https://bugzilla.suse.com/1183684", }, { category: "self", summary: "SUSE Bug 1187725", url: "https://bugzilla.suse.com/1187725", }, { category: "self", summary: "SUSE Bug 1188061", url: "https://bugzilla.suse.com/1188061", }, { category: "self", summary: "SUSE Bug 1193585", url: "https://bugzilla.suse.com/1193585", }, { category: "self", summary: "SUSE Bug 1197963", url: "https://bugzilla.suse.com/1197963", }, { category: "self", summary: "SUSE Bug 1199528", url: "https://bugzilla.suse.com/1199528", }, { category: "self", summary: "SUSE Bug 1200142", url: "https://bugzilla.suse.com/1200142", }, { category: "self", summary: "SUSE Bug 1200591", url: "https://bugzilla.suse.com/1200591", }, { category: "self", summary: "SUSE Bug 1200968", url: "https://bugzilla.suse.com/1200968", }, { category: "self", summary: "SUSE Bug 1200970", url: "https://bugzilla.suse.com/1200970", }, { category: "self", summary: "SUSE Bug 1201003", url: "https://bugzilla.suse.com/1201003", }, { category: "self", summary: "SUSE Bug 1202614", url: "https://bugzilla.suse.com/1202614", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3447 page", url: "https://www.suse.com/security/cve/CVE-2021-3447/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, { category: "self", summary: "SUSE CVE CVE-2021-3620 page", url: "https://www.suse.com/security/cve/CVE-2021-3620/", }, ], title: "Important security update for SUSE Manager Client Tools", tracking: { current_release_date: "2022-09-08T07:35:36Z", generator: { date: "2022-09-08T07:35:36Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:3178-1", initial_release_date: "2022-09-08T07:35:36Z", revision_history: [ { date: "2022-09-08T07:35:36Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", product: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", product_id: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", product: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", product_id: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", product: { name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", product_id: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", product: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", product_id: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", }, }, { category: "product_version", name: "wire-0.5.0-150000.1.6.1.aarch64", product: { name: "wire-0.5.0-150000.1.6.1.aarch64", product_id: "wire-0.5.0-150000.1.6.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.i586", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.i586", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.i586", }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.i586", product: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.i586", product_id: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.i586", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.i586", product: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.i586", product_id: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.i586", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.i586", product: { name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.i586", product_id: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.i586", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.i586", product: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.i586", product_id: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.i586", }, }, { category: "product_version", name: "wire-0.5.0-150000.1.6.1.i586", product: { name: "wire-0.5.0-150000.1.6.1.i586", product_id: "wire-0.5.0-150000.1.6.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "ansible-2.9.27-150000.1.14.1.noarch", product: { name: "ansible-2.9.27-150000.1.14.1.noarch", product_id: "ansible-2.9.27-150000.1.14.1.noarch", }, }, { category: "product_version", name: "ansible-doc-2.9.27-150000.1.14.1.noarch", product: { name: "ansible-doc-2.9.27-150000.1.14.1.noarch", product_id: "ansible-doc-2.9.27-150000.1.14.1.noarch", }, }, { category: "product_version", name: "ansible-test-2.9.27-150000.1.14.1.noarch", product: { name: "ansible-test-2.9.27-150000.1.14.1.noarch", product_id: "ansible-test-2.9.27-150000.1.14.1.noarch", }, }, { category: "product_version", name: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", product: { name: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", product_id: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", }, }, { category: "product_version", name: "mgr-daemon-4.3.5-150000.1.35.1.noarch", product: { name: "mgr-daemon-4.3.5-150000.1.35.1.noarch", product_id: "mgr-daemon-4.3.5-150000.1.35.1.noarch", }, }, { category: "product_version", name: "mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", product: { name: "mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", product_id: "mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", }, }, { category: "product_version", name: "python2-hwdata-2.3.5-150000.3.9.1.noarch", product: { name: "python2-hwdata-2.3.5-150000.3.9.1.noarch", product_id: "python2-hwdata-2.3.5-150000.3.9.1.noarch", }, }, { category: "product_version", name: "python2-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", product: { name: "python2-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", product_id: "python2-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, }, { category: "product_version", name: "python3-hwdata-2.3.5-150000.3.9.1.noarch", product: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch", product_id: "python3-hwdata-2.3.5-150000.3.9.1.noarch", }, }, { category: "product_version", name: "python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", product: { name: "python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", product_id: "python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", }, }, { category: "product_version", name: "python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", product: { name: "python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", product_id: "python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", product: { name: "python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", product_id: "python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", product: { name: "python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", product_id: "python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", product: { name: "python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", product_id: "python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", }, }, { category: "product_version", name: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", product: { name: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", product_id: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, }, { category: "product_version", name: "spacecmd-4.3.14-150000.3.83.1.noarch", product: { name: "spacecmd-4.3.14-150000.3.83.1.noarch", product_id: "spacecmd-4.3.14-150000.3.83.1.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.3.11-150000.3.65.1.noarch", product: { name: "spacewalk-check-4.3.11-150000.3.65.1.noarch", product_id: "spacewalk-check-4.3.11-150000.3.65.1.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", product: { name: "spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", product_id: "spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", product: { name: "spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", product_id: "spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", }, }, { category: "product_version", name: "uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", product: { name: "uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", product_id: "uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", }, }, { category: "product_version", name: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", product: { name: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", product_id: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", product: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", product_id: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", product: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", product_id: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", product: { name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", product_id: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", product: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", product_id: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", }, }, { category: "product_version", name: "wire-0.5.0-150000.1.6.1.ppc64le", product: { name: "wire-0.5.0-150000.1.6.1.ppc64le", product_id: "wire-0.5.0-150000.1.6.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", product: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", product_id: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", product: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", product_id: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", product: { name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", product_id: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", product: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", product_id: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", }, }, { category: "product_version", name: "wire-0.5.0-150000.1.6.1.s390x", product: { name: "wire-0.5.0-150000.1.6.1.s390x", product_id: "wire-0.5.0-150000.1.6.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", product: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", product_id: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", product: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", product_id: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", }, }, { category: "product_version", name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", product: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", product_id: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", product: { name: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", product_id: "python2-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", product: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", product_id: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", }, }, { category: "product_version", name: "wire-0.5.0-150000.1.6.1.x86_64", product: { name: "wire-0.5.0-150000.1.6.1.x86_64", product_id: "wire-0.5.0-150000.1.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Client Tools 15", product: { name: "SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15", }, }, { category: "product_name", name: "SUSE Manager Proxy Module 4.1", product: { name: "SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.1", }, }, }, { category: "product_name", name: "SUSE Manager Proxy Module 4.2", product: { name: "SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Proxy Module 4.3", product: { name: "SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.1", product: { name: "SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.1", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.2", product: { name: "SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.3", product: { name: "SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15-LTSS", product: { name: "SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15", }, }, }, { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.9.27-150000.1.14.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.27-150000.1.14.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-doc-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", }, product_reference: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.3.5-150000.1.35.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", }, product_reference: "mgr-daemon-4.3.5-150000.1.35.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "mgr-virtualization-host-4.3.6-150000.1.32.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", }, product_reference: "mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64 as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64 as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", }, product_reference: "python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", }, product_reference: "python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-4.3.11-150000.3.65.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", }, product_reference: "python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", }, product_reference: "python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", }, product_reference: "python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64 as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", }, product_reference: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", }, product_reference: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", }, product_reference: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64 as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", }, product_reference: "python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.3.14-150000.3.83.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", }, product_reference: "spacecmd-4.3.14-150000.3.83.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.3.11-150000.3.65.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", }, product_reference: "spacewalk-check-4.3.11-150000.3.65.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.3.11-150000.3.65.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", }, product_reference: "spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.3.11-150000.3.65.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", }, product_reference: "spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", }, product_reference: "uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.27-150000.1.14.1.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.27-150000.1.14.1.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-doc-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.27-150000.1.14.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.27-150000.1.14.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-doc-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64 as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64 as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", }, product_reference: "zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", }, product_reference: "golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.27-150000.1.14.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.27-150000.1.14.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-doc-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.27-150000.1.14.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-test-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", }, product_reference: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "python2-hwdata-2.3.5-150000.3.9.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python2-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.3.14-150000.3.83.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", }, product_reference: "spacecmd-4.3.14-150000.3.83.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.27-150000.1.14.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.27-150000.1.14.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-doc-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.27-150000.1.14.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", }, product_reference: "ansible-test-2.9.27-150000.1.14.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", }, product_reference: "dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", }, product_reference: "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", }, product_reference: "prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "python3-hwdata-2.3.5-150000.3.9.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", }, product_reference: "python3-hwdata-2.3.5-150000.3.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.3.14-150000.3.83.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", }, product_reference: "spacecmd-4.3.14-150000.3.83.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "wire-0.5.0-150000.1.6.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", }, product_reference: "wire-0.5.0-150000.1.6.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "wire-0.5.0-150000.1.6.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", }, product_reference: "wire-0.5.0-150000.1.6.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "wire-0.5.0-150000.1.6.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", }, product_reference: "wire-0.5.0-150000.1.6.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "wire-0.5.0-150000.1.6.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", }, product_reference: "wire-0.5.0-150000.1.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3447", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3447", }, ], notes: [ { category: "general", text: "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3447", url: "https://www.suse.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "SUSE Bug 1183684 for CVE-2021-3447", url: "https://bugzilla.suse.com/1183684", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-3447", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-3583", }, { cve: "CVE-2021-3620", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3620", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3620", url: "https://www.suse.com/security/cve/CVE-2021-3620", }, { category: "external", summary: "SUSE Bug 1187725 for CVE-2021-3620", url: "https://bugzilla.suse.com/1187725", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:golang-github-prometheus-node_exporter-1.3.0-150000.3.15.1.x86_64", "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Client Tools 15:mgr-daemon-4.3.5-150000.1.35.1.noarch", "SUSE Manager Client Tools 15:mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Client Tools 15:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.3.6-150000.1.32.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.aarch64", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.ppc64le", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.s390x", "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.5-150000.1.24.1.x86_64", "SUSE Manager Client Tools 15:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Client Tools 15:spacecmd-4.3.14-150000.3.83.1.noarch", "SUSE Manager Client Tools 15:spacewalk-check-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.11-150000.3.65.1.noarch", "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.6-150000.1.6.1.noarch", "SUSE Manager Client Tools 15:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.1:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.1:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.2:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.2:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.2:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Proxy Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "SUSE Manager Proxy Module 4.3:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "SUSE Manager Proxy Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Proxy Module 4.3:python3-zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Proxy Module 4.3:zypp-plugin-spacewalk-1.0.13-150000.3.32.1.noarch", "SUSE Manager Server Module 4.1:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.2:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.2:python3-hwdata-2.3.5-150000.3.9.1.noarch", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "SUSE Manager Server Module 4.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "SUSE Manager Server Module 4.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.3:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.3:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.3:python2-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.3:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:ansible-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-doc-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:ansible-test-2.9.27-150000.1.14.1.noarch", "openSUSE Leap 15.4:dracut-saltboot-0.1.1657643023.0d694ce-150000.1.35.1.noarch", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.aarch64", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.ppc64le", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.s390x", "openSUSE Leap 15.4:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.15.1.x86_64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.aarch64", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.ppc64le", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.s390x", "openSUSE Leap 15.4:prometheus-blackbox_exporter-0.19.0-150000.1.11.1.x86_64", "openSUSE Leap 15.4:python3-hwdata-2.3.5-150000.3.9.1.noarch", "openSUSE Leap 15.4:spacecmd-4.3.14-150000.3.83.1.noarch", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.aarch64", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.ppc64le", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.s390x", "openSUSE Leap 15.4:wire-0.5.0-150000.1.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-08T07:35:36Z", details: "moderate", }, ], title: "CVE-2021-3620", }, ], }
suse-su-2021:2121-1
Vulnerability from csaf_suse
Published
2021-06-22 12:10
Modified
2021-06-22 12:10
Summary
Security update for ansible
Notes
Title of the patch
Security update for ansible
Description of the patch
This update for ansible fixes the following issues:
- Update to 2.9.22:
- CVE-2021-3447: multiple modules expose secured values (bsc#1183684)
- CVE-2021-20228: basic.py no_log with fallback option (bsc#1181935)
- CVE-2021-20191: multiple collections exposes secured values (bsc#1181119)
- CVE-2021-20180: bitbucket_pipeline_variable exposes sensitive values (bsc#1180942)
- CVE-2021-20178: user data leak in snmp_facts module (bsc#1180816)
Patchnames
HPE-Helion-OpenStack-8-2021-2121,SUSE-2021-2121,SUSE-OpenStack-Cloud-8-2021-2121,SUSE-OpenStack-Cloud-Crowbar-8-2021-2121
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for ansible", title: "Title of the patch", }, { category: "description", text: "This update for ansible fixes the following issues:\n\n- Update to 2.9.22:\n- CVE-2021-3447: multiple modules expose secured values (bsc#1183684)\n- CVE-2021-20228: basic.py no_log with fallback option (bsc#1181935)\n- CVE-2021-20191: multiple collections exposes secured values (bsc#1181119)\n- CVE-2021-20180: bitbucket_pipeline_variable exposes sensitive values (bsc#1180942)\n- CVE-2021-20178: user data leak in snmp_facts module (bsc#1180816)\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2021-2121,SUSE-2021-2121,SUSE-OpenStack-Cloud-8-2021-2121,SUSE-OpenStack-Cloud-Crowbar-8-2021-2121", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2121-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:2121-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20212121-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:2121-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009066.html", }, { category: "self", summary: "SUSE Bug 1180816", url: "https://bugzilla.suse.com/1180816", }, { category: "self", summary: "SUSE Bug 1180942", url: "https://bugzilla.suse.com/1180942", }, { category: "self", summary: "SUSE Bug 1181119", url: "https://bugzilla.suse.com/1181119", }, { category: "self", summary: "SUSE Bug 1181935", url: "https://bugzilla.suse.com/1181935", }, { category: "self", summary: "SUSE Bug 1183684", url: "https://bugzilla.suse.com/1183684", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3447 page", url: "https://www.suse.com/security/cve/CVE-2021-3447/", }, ], title: "Security update for ansible", tracking: { current_release_date: "2021-06-22T12:10:48Z", generator: { date: "2021-06-22T12:10:48Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:2121-1", initial_release_date: "2021-06-22T12:10:48Z", revision_history: [ { date: "2021-06-22T12:10:48Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-2.9.22-3.18.1.aarch64", product: { name: "ansible-2.9.22-3.18.1.aarch64", product_id: "ansible-2.9.22-3.18.1.aarch64", }, }, { category: "product_version", name: "ansible-doc-2.9.22-3.18.1.aarch64", product: { name: "ansible-doc-2.9.22-3.18.1.aarch64", product_id: "ansible-doc-2.9.22-3.18.1.aarch64", }, }, { category: "product_version", name: "ansible-test-2.9.22-3.18.1.aarch64", product: { name: "ansible-test-2.9.22-3.18.1.aarch64", product_id: "ansible-test-2.9.22-3.18.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-2.9.22-3.18.1.ppc64le", product: { name: "ansible-2.9.22-3.18.1.ppc64le", product_id: "ansible-2.9.22-3.18.1.ppc64le", }, }, { category: "product_version", name: "ansible-doc-2.9.22-3.18.1.ppc64le", product: { name: "ansible-doc-2.9.22-3.18.1.ppc64le", product_id: "ansible-doc-2.9.22-3.18.1.ppc64le", }, }, { category: "product_version", name: "ansible-test-2.9.22-3.18.1.ppc64le", product: { name: "ansible-test-2.9.22-3.18.1.ppc64le", product_id: "ansible-test-2.9.22-3.18.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-2.9.22-3.18.1.s390x", product: { name: "ansible-2.9.22-3.18.1.s390x", product_id: "ansible-2.9.22-3.18.1.s390x", }, }, { category: "product_version", name: "ansible-doc-2.9.22-3.18.1.s390x", product: { name: "ansible-doc-2.9.22-3.18.1.s390x", product_id: "ansible-doc-2.9.22-3.18.1.s390x", }, }, { category: "product_version", name: "ansible-test-2.9.22-3.18.1.s390x", product: { name: "ansible-test-2.9.22-3.18.1.s390x", product_id: "ansible-test-2.9.22-3.18.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-2.9.22-3.18.1.x86_64", product: { name: "ansible-2.9.22-3.18.1.x86_64", product_id: "ansible-2.9.22-3.18.1.x86_64", }, }, { category: "product_version", name: "ansible-doc-2.9.22-3.18.1.x86_64", product: { name: "ansible-doc-2.9.22-3.18.1.x86_64", product_id: "ansible-doc-2.9.22-3.18.1.x86_64", }, }, { category: "product_version", name: "ansible-test-2.9.22-3.18.1.x86_64", product: { name: "ansible-test-2.9.22-3.18.1.x86_64", product_id: "ansible-test-2.9.22-3.18.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.9.22-3.18.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", }, product_reference: "ansible-2.9.22-3.18.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.22-3.18.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", }, product_reference: "ansible-2.9.22-3.18.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.22-3.18.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", }, product_reference: "ansible-2.9.22-3.18.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, ], }, vulnerabilities: [ { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-22T12:10:48Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-22T12:10:48Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-22T12:10:48Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-22T12:10:48Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3447", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3447", }, ], notes: [ { category: "general", text: "A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3447", url: "https://www.suse.com/security/cve/CVE-2021-3447", }, { category: "external", summary: "SUSE Bug 1183684 for CVE-2021-3447", url: "https://bugzilla.suse.com/1183684", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud 8:ansible-2.9.22-3.18.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ansible-2.9.22-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-22T12:10:48Z", details: "moderate", }, ], title: "CVE-2021-3447", }, ], }
opensuse-su-2024:10615-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
ansible-2.9.24-1.2 on GA media
Notes
Title of the patch
ansible-2.9.24-1.2 on GA media
Description of the patch
These are all security issues fixed in the ansible-2.9.24-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10615
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "ansible-2.9.24-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the ansible-2.9.24-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10615", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10615-1.json", }, { category: "self", summary: "SUSE CVE CVE-2016-9587 page", url: "https://www.suse.com/security/cve/CVE-2016-9587/", }, { category: "self", summary: "SUSE CVE CVE-2017-7466 page", url: "https://www.suse.com/security/cve/CVE-2017-7466/", }, { category: "self", summary: "SUSE CVE CVE-2017-7481 page", url: "https://www.suse.com/security/cve/CVE-2017-7481/", }, { category: "self", summary: "SUSE CVE CVE-2017-7550 page", url: "https://www.suse.com/security/cve/CVE-2017-7550/", }, { category: "self", summary: "SUSE CVE CVE-2018-10855 page", url: "https://www.suse.com/security/cve/CVE-2018-10855/", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2018-16859 page", url: "https://www.suse.com/security/cve/CVE-2018-16859/", }, { category: "self", summary: "SUSE CVE CVE-2018-16876 page", url: "https://www.suse.com/security/cve/CVE-2018-16876/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-10206 page", url: "https://www.suse.com/security/cve/CVE-2019-10206/", }, { category: "self", summary: "SUSE CVE CVE-2019-10217 page", url: "https://www.suse.com/security/cve/CVE-2019-10217/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14856 page", url: "https://www.suse.com/security/cve/CVE-2019-14856/", }, { category: "self", summary: "SUSE CVE CVE-2019-14858 page", url: "https://www.suse.com/security/cve/CVE-2019-14858/", }, { category: "self", summary: "SUSE CVE CVE-2019-14864 page", url: "https://www.suse.com/security/cve/CVE-2019-14864/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1744 page", url: "https://www.suse.com/security/cve/CVE-2020-1744/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, ], title: "ansible-2.9.24-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10615-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.aarch64", product: { name: "ansible-2.9.24-1.2.aarch64", product_id: "ansible-2.9.24-1.2.aarch64", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.aarch64", product: { name: "ansible-doc-2.9.24-1.2.aarch64", product_id: "ansible-doc-2.9.24-1.2.aarch64", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.aarch64", product: { name: "ansible-test-2.9.24-1.2.aarch64", product_id: "ansible-test-2.9.24-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.ppc64le", product: { name: "ansible-2.9.24-1.2.ppc64le", product_id: "ansible-2.9.24-1.2.ppc64le", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.ppc64le", product: { name: "ansible-doc-2.9.24-1.2.ppc64le", product_id: "ansible-doc-2.9.24-1.2.ppc64le", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.ppc64le", product: { name: "ansible-test-2.9.24-1.2.ppc64le", product_id: "ansible-test-2.9.24-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.s390x", product: { name: "ansible-2.9.24-1.2.s390x", product_id: "ansible-2.9.24-1.2.s390x", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.s390x", product: { name: "ansible-doc-2.9.24-1.2.s390x", product_id: "ansible-doc-2.9.24-1.2.s390x", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.s390x", product: { name: "ansible-test-2.9.24-1.2.s390x", product_id: "ansible-test-2.9.24-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-2.9.24-1.2.x86_64", product: { name: "ansible-2.9.24-1.2.x86_64", product_id: "ansible-2.9.24-1.2.x86_64", }, }, { category: "product_version", name: "ansible-doc-2.9.24-1.2.x86_64", product: { name: "ansible-doc-2.9.24-1.2.x86_64", product_id: "ansible-doc-2.9.24-1.2.x86_64", }, }, { category: "product_version", name: "ansible-test-2.9.24-1.2.x86_64", product: { name: "ansible-test-2.9.24-1.2.x86_64", product_id: "ansible-test-2.9.24-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", }, product_reference: "ansible-2.9.24-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", }, product_reference: "ansible-2.9.24-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", }, product_reference: "ansible-2.9.24-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.24-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", }, product_reference: "ansible-2.9.24-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", }, product_reference: "ansible-doc-2.9.24-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", }, product_reference: "ansible-doc-2.9.24-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", }, product_reference: "ansible-doc-2.9.24-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.24-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", }, product_reference: "ansible-doc-2.9.24-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", }, product_reference: "ansible-test-2.9.24-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", }, product_reference: "ansible-test-2.9.24-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", }, product_reference: "ansible-test-2.9.24-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.24-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", }, product_reference: "ansible-test-2.9.24-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2016-9587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9587", }, ], notes: [ { category: "general", text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9587", url: "https://www.suse.com/security/cve/CVE-2016-9587", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2016-9587", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-9587", }, { cve: "CVE-2017-7466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7466", }, ], notes: [ { category: "general", text: "Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7466", url: "https://www.suse.com/security/cve/CVE-2017-7466", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2017-7466", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7466", }, { cve: "CVE-2017-7481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7481", }, ], notes: [ { category: "general", text: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7481", url: "https://www.suse.com/security/cve/CVE-2017-7481", }, { category: "external", summary: "SUSE Bug 1038785 for CVE-2017-7481", url: "https://bugzilla.suse.com/1038785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7481", }, { cve: "CVE-2017-7550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7550", }, ], notes: [ { category: "general", text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7550", url: "https://www.suse.com/security/cve/CVE-2017-7550", }, { category: "external", summary: "SUSE Bug 1035124 for CVE-2017-7550", url: "https://bugzilla.suse.com/1035124", }, { category: "external", summary: "SUSE Bug 1065872 for CVE-2017-7550", url: "https://bugzilla.suse.com/1065872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7550", }, { cve: "CVE-2018-10855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10855", }, ], notes: [ { category: "general", text: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10855", url: "https://www.suse.com/security/cve/CVE-2018-10855", }, { category: "external", summary: "SUSE Bug 1097775 for CVE-2018-10855", url: "https://bugzilla.suse.com/1097775", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10855", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10855", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10855", }, { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2018-16859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16859", }, ], notes: [ { category: "general", text: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16859", url: "https://www.suse.com/security/cve/CVE-2018-16859", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16859", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1116587 for CVE-2018-16859", url: "https://bugzilla.suse.com/1116587", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16859", }, { cve: "CVE-2018-16876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16876", }, ], notes: [ { category: "general", text: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16876", url: "https://www.suse.com/security/cve/CVE-2018-16876", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16876", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1118896 for CVE-2018-16876", url: "https://bugzilla.suse.com/1118896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-16876", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-10206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10206", }, ], notes: [ { category: "general", text: "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10206", url: "https://www.suse.com/security/cve/CVE-2019-10206", }, { category: "external", summary: "SUSE Bug 1142690 for CVE-2019-10206", url: "https://bugzilla.suse.com/1142690", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-10206", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10206", }, { cve: "CVE-2019-10217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10217", }, ], notes: [ { category: "general", text: "A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10217", url: "https://www.suse.com/security/cve/CVE-2019-10217", }, { category: "external", summary: "SUSE Bug 1144453 for CVE-2019-10217", url: "https://bugzilla.suse.com/1144453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10217", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14856", }, ], notes: [ { category: "general", text: "ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14856", url: "https://www.suse.com/security/cve/CVE-2019-14856", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-14856", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-14856", }, { cve: "CVE-2019-14858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14858", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14858", url: "https://www.suse.com/security/cve/CVE-2019-14858", }, { category: "external", summary: "SUSE Bug 1154231 for CVE-2019-14858", url: "https://bugzilla.suse.com/1154231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-14858", }, { cve: "CVE-2019-14864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14864", }, ], notes: [ { category: "general", text: "Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14864", url: "https://www.suse.com/security/cve/CVE-2019-14864", }, { category: "external", summary: "SUSE Bug 1154830 for CVE-2019-14864", url: "https://bugzilla.suse.com/1154830", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14864", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], notes: [ { category: "general", text: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1744", url: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1744", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-doc-2.9.24-1.2.x86_64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.aarch64", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.ppc64le", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.s390x", "openSUSE Tumbleweed:ansible-test-2.9.24-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3583", }, ], }
opensuse-su-2024:14536-1
Vulnerability from csaf_opensuse
Published
2024-12-02 00:00
Modified
2024-12-02 00:00
Summary
ansible-10-10.6.0-1.1 on GA media
Notes
Title of the patch
ansible-10-10.6.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the ansible-10-10.6.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14536
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "ansible-10-10.6.0-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the ansible-10-10.6.0-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14536", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14536-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2024:14536-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2024:14536-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, { category: "self", summary: "SUSE CVE CVE-2014-4966 page", url: "https://www.suse.com/security/cve/CVE-2014-4966/", }, { category: "self", summary: "SUSE CVE CVE-2014-4967 page", url: "https://www.suse.com/security/cve/CVE-2014-4967/", }, { category: "self", summary: "SUSE CVE CVE-2015-3908 page", url: "https://www.suse.com/security/cve/CVE-2015-3908/", }, { category: "self", summary: "SUSE CVE CVE-2016-3096 page", url: "https://www.suse.com/security/cve/CVE-2016-3096/", }, { category: "self", summary: "SUSE CVE CVE-2016-9587 page", url: "https://www.suse.com/security/cve/CVE-2016-9587/", }, { category: "self", summary: "SUSE CVE CVE-2017-7466 page", url: "https://www.suse.com/security/cve/CVE-2017-7466/", }, { category: "self", summary: "SUSE CVE CVE-2017-7481 page", url: "https://www.suse.com/security/cve/CVE-2017-7481/", }, { category: "self", summary: "SUSE CVE CVE-2017-7550 page", url: "https://www.suse.com/security/cve/CVE-2017-7550/", }, { category: "self", summary: "SUSE CVE CVE-2018-10855 page", url: "https://www.suse.com/security/cve/CVE-2018-10855/", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2018-16859 page", url: "https://www.suse.com/security/cve/CVE-2018-16859/", }, { category: "self", summary: "SUSE CVE CVE-2018-16876 page", url: "https://www.suse.com/security/cve/CVE-2018-16876/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-10206 page", url: "https://www.suse.com/security/cve/CVE-2019-10206/", }, { category: "self", summary: "SUSE CVE CVE-2019-10217 page", url: "https://www.suse.com/security/cve/CVE-2019-10217/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14856 page", url: "https://www.suse.com/security/cve/CVE-2019-14856/", }, { category: "self", summary: "SUSE CVE CVE-2019-14858 page", url: "https://www.suse.com/security/cve/CVE-2019-14858/", }, { category: "self", summary: "SUSE CVE CVE-2019-14864 page", url: "https://www.suse.com/security/cve/CVE-2019-14864/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1744 page", url: "https://www.suse.com/security/cve/CVE-2020-1744/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, ], title: "ansible-10-10.6.0-1.1 on GA media", tracking: { current_release_date: "2024-12-02T00:00:00Z", generator: { date: "2024-12-02T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14536-1", initial_release_date: "2024-12-02T00:00:00Z", revision_history: [ { date: "2024-12-02T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.aarch64", product: { name: "ansible-10-10.6.0-1.1.aarch64", product_id: "ansible-10-10.6.0-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.ppc64le", product: { name: "ansible-10-10.6.0-1.1.ppc64le", product_id: "ansible-10-10.6.0-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.s390x", product: { name: "ansible-10-10.6.0-1.1.s390x", product_id: "ansible-10-10.6.0-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-10-10.6.0-1.1.x86_64", product: { name: "ansible-10-10.6.0-1.1.x86_64", product_id: "ansible-10-10.6.0-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", }, product_reference: "ansible-10-10.6.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", }, product_reference: "ansible-10-10.6.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", }, product_reference: "ansible-10-10.6.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-10-10.6.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", }, product_reference: "ansible-10-10.6.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2014-4966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], notes: [ { category: "general", text: "Ansible before 1.6.7 does not prevent inventory data with \"{{\" and \"lookup\" substrings, and does not prevent remote data with \"{{\" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4966", url: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4966", }, { cve: "CVE-2014-4967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], notes: [ { category: "general", text: "Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing \" src=\" clause, (2) a trailing \" temp=\" clause, or (3) a trailing \" validate=\" clause accompanied by a shell command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4967", url: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4967", }, { cve: "CVE-2015-3908", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3908", }, ], notes: [ { category: "general", text: "Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3908", url: "https://www.suse.com/security/cve/CVE-2015-3908", }, { category: "external", summary: "SUSE Bug 938161 for CVE-2015-3908", url: "https://bugzilla.suse.com/938161", }, { category: "external", summary: "SUSE Bug 938399 for CVE-2015-3908", url: "https://bugzilla.suse.com/938399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2015-3908", }, { cve: "CVE-2016-3096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-3096", }, ], notes: [ { category: "general", text: "The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-3096", url: "https://www.suse.com/security/cve/CVE-2016-3096", }, { category: "external", summary: "SUSE Bug 973546 for CVE-2016-3096", url: "https://bugzilla.suse.com/973546", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2016-3096", }, { cve: "CVE-2016-9587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9587", }, ], notes: [ { category: "general", text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9587", url: "https://www.suse.com/security/cve/CVE-2016-9587", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2016-9587", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2016-9587", }, { cve: "CVE-2017-7466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7466", }, ], notes: [ { category: "general", text: "Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7466", url: "https://www.suse.com/security/cve/CVE-2017-7466", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2017-7466", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2017-7466", }, { cve: "CVE-2017-7481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7481", }, ], notes: [ { category: "general", text: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7481", url: "https://www.suse.com/security/cve/CVE-2017-7481", }, { category: "external", summary: "SUSE Bug 1038785 for CVE-2017-7481", url: "https://bugzilla.suse.com/1038785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7481", }, { cve: "CVE-2017-7550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7550", }, ], notes: [ { category: "general", text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7550", url: "https://www.suse.com/security/cve/CVE-2017-7550", }, { category: "external", summary: "SUSE Bug 1035124 for CVE-2017-7550", url: "https://bugzilla.suse.com/1035124", }, { category: "external", summary: "SUSE Bug 1065872 for CVE-2017-7550", url: "https://bugzilla.suse.com/1065872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2017-7550", }, { cve: "CVE-2018-10855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10855", }, ], notes: [ { category: "general", text: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10855", url: "https://www.suse.com/security/cve/CVE-2018-10855", }, { category: "external", summary: "SUSE Bug 1097775 for CVE-2018-10855", url: "https://bugzilla.suse.com/1097775", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10855", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10855", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10855", }, { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2018-16859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16859", }, ], notes: [ { category: "general", text: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16859", url: "https://www.suse.com/security/cve/CVE-2018-16859", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16859", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1116587 for CVE-2018-16859", url: "https://bugzilla.suse.com/1116587", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16859", }, { cve: "CVE-2018-16876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16876", }, ], notes: [ { category: "general", text: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16876", url: "https://www.suse.com/security/cve/CVE-2018-16876", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16876", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1118896 for CVE-2018-16876", url: "https://bugzilla.suse.com/1118896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2018-16876", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-10206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10206", }, ], notes: [ { category: "general", text: "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10206", url: "https://www.suse.com/security/cve/CVE-2019-10206", }, { category: "external", summary: "SUSE Bug 1142690 for CVE-2019-10206", url: "https://bugzilla.suse.com/1142690", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-10206", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10206", }, { cve: "CVE-2019-10217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10217", }, ], notes: [ { category: "general", text: "A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10217", url: "https://www.suse.com/security/cve/CVE-2019-10217", }, { category: "external", summary: "SUSE Bug 1144453 for CVE-2019-10217", url: "https://bugzilla.suse.com/1144453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10217", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14856", }, ], notes: [ { category: "general", text: "ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14856", url: "https://www.suse.com/security/cve/CVE-2019-14856", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-14856", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2019-14856", }, { cve: "CVE-2019-14858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14858", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14858", url: "https://www.suse.com/security/cve/CVE-2019-14858", }, { category: "external", summary: "SUSE Bug 1154231 for CVE-2019-14858", url: "https://bugzilla.suse.com/1154231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2019-14858", }, { cve: "CVE-2019-14864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14864", }, ], notes: [ { category: "general", text: "Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14864", url: "https://www.suse.com/security/cve/CVE-2019-14864", }, { category: "external", summary: "SUSE Bug 1154830 for CVE-2019-14864", url: "https://bugzilla.suse.com/1154830", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14864", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], notes: [ { category: "general", text: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1744", url: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1744", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.s390x", "openSUSE Tumbleweed:ansible-10-10.6.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-12-02T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3583", }, ], }
opensuse-su-2022:0081-1
Vulnerability from csaf_opensuse
Published
2022-03-16 16:09
Modified
2022-03-16 16:09
Summary
Security update for ansible
Notes
Title of the patch
Security update for ansible
Description of the patch
Ansible was updated to 2.9.21 to fix lots of bugs and security issues.
Update to version 2.9.20, maintenance release containing numerous bugfixes.
Update to version 2.9.19 with minor changes and a few bug fixes.
Update to version 2.9.18:
* CVE-2021-20228 where default and fallback values for no_log parameters
to modules were not previously masked. (bsc#1181935)
* CVE-2021-20178 where several parameters to the snmp_facts module were
logged and displayed despite containing sensitive information. (bsc#1180816)
* CVE-2021-20180 where several parameters to the
bitbucket_pipeline_variable were logged and displayed despite
containing sensitive information. (bsc#1180942)
* CVE-2021-20191 which addresses a number of modules whose parameters
were logged and displayed despite containing sensitive
information. For the full list of affected modules, refer to the
changelog linked below. (bsc#1181119)
Update to version 2.9.17 with minor changes and a few bug fixes.
Update to version 2.9.16 with minor changes and many bug fixes.
update to version 2.9.15 with following breaking change:
* ansible-galaxy login command has been removed
update to version 2.9.14 with many small improvements and bug fixes,
most notably:
* kubectl - connection plugin now redact kubectl_token and
kubectl_password in console log (CVE-2020-1753 bsc#1166389).
update to version 2.9.13 with many bug fixes, most notably:
* A security issue was addressed in the 'dnf' module, which previously
did not check GPG signatures of packages.
* A bug in the 'cron' module was fixed. In some cases prior to this
fix, the module would inadvertently remove cron entries.
update to version 2.9.12 with many bug fixes,
most notably the following security fixes:
* security issue - copy - Redact the value of the no_log 'content'
parameter in the result's invocation.module_args in check mode.
Previously when used with check mode and with '-vvv', the module would
not censor the content if a change would be made to the destination path.
(CVE-2020-14332 bsc#1174302)
* security issue atomic_move - change default permissions when creating
temporary files so they are not world readable
(https://github.com/ansible/ansible/issues/67794) (CVE-2020-1736 bsc#1164134)
* Fix warning for default permission change when no mode is specified.
Follow up to https://github.com/ansible/ansible/issues/67794.
(CVE-2020-1736)
* Sanitize no_log values from any response keys that might be returned
from the uri module (CVE-2020-14330 bsc#1174145).
* reset logging level to INFO due to CVE-2019-14846.
update to version 2.9.11 with many bug fixes
update to version 2.9.10 with many bug fixes.
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
(bsc#1164140)
update to version 2.9.9
* fix for a regression introduced in 2.9.8
update to version 2.9.8, maintenance release containing numerous bugfixes
update to version 2.9.7 with many bug fixes,
especially for these security issues:
- bsc#1164140 CVE-2020-1733 - insecure temporary directory when
running become_user from become directive
- bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe
lookup plugin subprocess
- bsc#1164137 CVE-2020-1735 - path injection on dest parameter
in fetch module
- bsc#1164134 CVE-2020-1736 atomic_move primitive sets
permissive permissions
- bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip
module does not check extracted path
- bsc#1164136 CVE-2020-1738 module package can be selected by
the ansible facts
- bsc#1164133 CVE-2020-1739 - svn module leaks password when
specified as a parameter
- bsc#1164135 CVE-2020-1740 - secrets readable after
ansible-vault edit
- bsc#1165393 CVE-2020-1746 - information disclosure issue in
ldap_attr and ldap_entry modules
- bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks
sensitive information
- bsc#1167532 CVE-2020-10684 - code injection when using
ansible_facts as a subkey
- bsc#1167440 CVE-2020-10685 - modules which use files
encrypted with vault are not properly cleaned up
- bsc#1167873 CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
Fixed before 2.9.6, but not yet listed:
- bsc#1171162 CVE-2020-10729 two random password lookups in
same task return same value
- bsc#1157968 CVE-2019-14904 vulnerability in solaris_zone
module via crafted solaris zone
- bsc#1157969 CVE-2019-14905 malicious code could craft
filename in nxos_file_copy module
- bsc#1112959 CVE-2018-16837 Information leak in 'user' module patch added
- (bsc#1137528) CVE-2019-10156: ansible: templating causing an
- bsc#1118896 CVE-2018-16876 Information disclosure in vvv+ mode with no_log on (https://github.com/ansible/ansible/pull/49569)
- Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read
from current working directory allowing possible code execution
Patchnames
openSUSE-2022-81
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for ansible", title: "Title of the patch", }, { category: "description", text: "\nAnsible was updated to 2.9.21 to fix lots of bugs and security issues.\n\nUpdate to version 2.9.20, maintenance release containing numerous bugfixes.\n\nUpdate to version 2.9.19 with minor changes and a few bug fixes.\n\nUpdate to version 2.9.18:\n\n* CVE-2021-20228 where default and fallback values for no_log parameters\n to modules were not previously masked. (bsc#1181935)\n* CVE-2021-20178 where several parameters to the snmp_facts module were\n logged and displayed despite containing sensitive information. (bsc#1180816)\n* CVE-2021-20180 where several parameters to the\n bitbucket_pipeline_variable were logged and displayed despite\n containing sensitive information. (bsc#1180942)\n* CVE-2021-20191 which addresses a number of modules whose parameters\n were logged and displayed despite containing sensitive\n information. For the full list of affected modules, refer to the\n changelog linked below. (bsc#1181119)\n \nUpdate to version 2.9.17 with minor changes and a few bug fixes.\n\nUpdate to version 2.9.16 with minor changes and many bug fixes.\n\nupdate to version 2.9.15 with following breaking change:\n\n* ansible-galaxy login command has been removed\n\nupdate to version 2.9.14 with many small improvements and bug fixes,\nmost notably:\n\n* kubectl - connection plugin now redact kubectl_token and \n kubectl_password in console log (CVE-2020-1753 bsc#1166389).\n\nupdate to version 2.9.13 with many bug fixes, most notably:\n\n* A security issue was addressed in the 'dnf' module, which previously\n did not check GPG signatures of packages.\n* A bug in the 'cron' module was fixed. In some cases prior to this\n fix, the module would inadvertently remove cron entries.\n\nupdate to version 2.9.12 with many bug fixes,\nmost notably the following security fixes:\n\n* security issue - copy - Redact the value of the no_log 'content' \n parameter in the result's invocation.module_args in check mode. \n Previously when used with check mode and with '-vvv', the module would \n not censor the content if a change would be made to the destination path. \n (CVE-2020-14332 bsc#1174302)\n* security issue atomic_move - change default permissions when creating \n temporary files so they are not world readable \n (https://github.com/ansible/ansible/issues/67794) (CVE-2020-1736 bsc#1164134)\n* Fix warning for default permission change when no mode is specified. \n Follow up to https://github.com/ansible/ansible/issues/67794. \n (CVE-2020-1736)\n* Sanitize no_log values from any response keys that might be returned \n from the uri module (CVE-2020-14330 bsc#1174145).\n* reset logging level to INFO due to CVE-2019-14846.\n\nupdate to version 2.9.11 with many bug fixes\n\nupdate to version 2.9.10 with many bug fixes.\n\n- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733\n (bsc#1164140)\n\nupdate to version 2.9.9\n\n* fix for a regression introduced in 2.9.8\n\nupdate to version 2.9.8, maintenance release containing numerous bugfixes\n\nupdate to version 2.9.7 with many bug fixes,\nespecially for these security issues:\n\n- bsc#1164140 CVE-2020-1733 - insecure temporary directory when\n running become_user from become directive\n- bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe\n lookup plugin subprocess\n- bsc#1164137 CVE-2020-1735 - path injection on dest parameter\n in fetch module\n- bsc#1164134 CVE-2020-1736 atomic_move primitive sets\n permissive permissions\n- bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip\n module does not check extracted path\n- bsc#1164136 CVE-2020-1738 module package can be selected by\n the ansible facts\n- bsc#1164133 CVE-2020-1739 - svn module leaks password when\n specified as a parameter\n- bsc#1164135 CVE-2020-1740 - secrets readable after\n ansible-vault edit\n- bsc#1165393 CVE-2020-1746 - information disclosure issue in\n ldap_attr and ldap_entry modules\n- bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks\n sensitive information\n- bsc#1167532 CVE-2020-10684 - code injection when using\n ansible_facts as a subkey\n- bsc#1167440 CVE-2020-10685 - modules which use files\n encrypted with vault are not properly cleaned up\n- bsc#1167873 CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]\n\nFixed before 2.9.6, but not yet listed:\n- bsc#1171162 CVE-2020-10729 two random password lookups in\n same task return same value\n- bsc#1157968 CVE-2019-14904 vulnerability in solaris_zone\n module via crafted solaris zone\n- bsc#1157969 CVE-2019-14905 malicious code could craft\n filename in nxos_file_copy module\n- bsc#1112959 CVE-2018-16837 Information leak in 'user' module patch added\n- (bsc#1137528) CVE-2019-10156: ansible: templating causing an\n- bsc#1118896 CVE-2018-16876 Information disclosure in vvv+ mode with no_log on (https://github.com/ansible/ansible/pull/49569)\n- Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read\n from current working directory allowing possible code execution\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2022-81", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0081-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2022:0081-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D7KK2SNPNAB353QA6BU4SNJDQ3FXZOY5/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2022:0081-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D7KK2SNPNAB353QA6BU4SNJDQ3FXZOY5/", }, { category: "self", summary: "SUSE Bug 1099808", url: "https://bugzilla.suse.com/1099808", }, { category: "self", summary: "SUSE Bug 1112959", url: "https://bugzilla.suse.com/1112959", }, { category: "self", summary: "SUSE Bug 1118896", url: "https://bugzilla.suse.com/1118896", }, { category: "self", summary: "SUSE Bug 1126503", url: "https://bugzilla.suse.com/1126503", }, { category: "self", summary: "SUSE Bug 1137528", url: "https://bugzilla.suse.com/1137528", }, { category: "self", summary: "SUSE Bug 1157968", url: "https://bugzilla.suse.com/1157968", }, { category: "self", summary: "SUSE Bug 1157969", url: "https://bugzilla.suse.com/1157969", }, { category: "self", summary: "SUSE Bug 1164133", url: "https://bugzilla.suse.com/1164133", }, { category: "self", summary: "SUSE Bug 1164134", url: "https://bugzilla.suse.com/1164134", }, { category: "self", summary: "SUSE Bug 1164135", url: "https://bugzilla.suse.com/1164135", }, { category: "self", summary: "SUSE Bug 1164136", url: "https://bugzilla.suse.com/1164136", }, { category: "self", summary: "SUSE Bug 1164137", url: "https://bugzilla.suse.com/1164137", }, { category: "self", summary: "SUSE Bug 1164138", url: "https://bugzilla.suse.com/1164138", }, { category: "self", summary: "SUSE Bug 1164139", url: "https://bugzilla.suse.com/1164139", }, { category: "self", summary: "SUSE Bug 1164140", url: "https://bugzilla.suse.com/1164140", }, { category: "self", summary: "SUSE Bug 1165393", url: "https://bugzilla.suse.com/1165393", }, { category: "self", summary: "SUSE Bug 1166389", url: "https://bugzilla.suse.com/1166389", }, { category: "self", summary: "SUSE Bug 1167440", url: "https://bugzilla.suse.com/1167440", }, { category: "self", summary: "SUSE Bug 1167532", url: "https://bugzilla.suse.com/1167532", }, { category: "self", summary: "SUSE Bug 1167873", url: "https://bugzilla.suse.com/1167873", }, { category: "self", summary: "SUSE Bug 1171162", url: "https://bugzilla.suse.com/1171162", }, { category: "self", summary: "SUSE Bug 1174145", url: "https://bugzilla.suse.com/1174145", }, { category: "self", summary: "SUSE Bug 1174302", url: "https://bugzilla.suse.com/1174302", }, { category: "self", summary: "SUSE Bug 1180816", url: "https://bugzilla.suse.com/1180816", }, { category: "self", summary: "SUSE Bug 1180942", url: "https://bugzilla.suse.com/1180942", }, { category: "self", summary: "SUSE Bug 1181119", url: "https://bugzilla.suse.com/1181119", }, { category: "self", summary: "SUSE Bug 1181935", url: "https://bugzilla.suse.com/1181935", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, ], title: "Security update for ansible", tracking: { current_release_date: "2022-03-16T16:09:53Z", generator: { date: "2022-03-16T16:09:53Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2022:0081-1", initial_release_date: "2022-03-16T16:09:53Z", revision_history: [ { date: "2022-03-16T16:09:53Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-2.9.21-bp153.2.3.1.noarch", product: { name: "ansible-2.9.21-bp153.2.3.1.noarch", product_id: "ansible-2.9.21-bp153.2.3.1.noarch", }, }, { category: "product_version", name: "ansible-doc-2.9.21-bp153.2.3.1.noarch", product: { name: "ansible-doc-2.9.21-bp153.2.3.1.noarch", product_id: "ansible-doc-2.9.21-bp153.2.3.1.noarch", }, }, { category: "product_version", name: "ansible-test-2.9.21-bp153.2.3.1.noarch", product: { name: "ansible-test-2.9.21-bp153.2.3.1.noarch", product_id: "ansible-test-2.9.21-bp153.2.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP3", product: { name: "SUSE Package Hub 15 SP3", product_id: "SUSE Package Hub 15 SP3", }, }, { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.9.21-bp153.2.3.1.noarch as component of SUSE Package Hub 15 SP3", product_id: "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", }, product_reference: "ansible-2.9.21-bp153.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.21-bp153.2.3.1.noarch as component of SUSE Package Hub 15 SP3", product_id: "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", }, product_reference: "ansible-doc-2.9.21-bp153.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.21-bp153.2.3.1.noarch as component of SUSE Package Hub 15 SP3", product_id: "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", }, product_reference: "ansible-test-2.9.21-bp153.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ansible-2.9.21-bp153.2.3.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", }, product_reference: "ansible-2.9.21-bp153.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ansible-doc-2.9.21-bp153.2.3.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", }, product_reference: "ansible-doc-2.9.21-bp153.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ansible-test-2.9.21-bp153.2.3.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", }, product_reference: "ansible-test-2.9.21-bp153.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:ansible-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "SUSE Package Hub 15 SP3:ansible-test-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-doc-2.9.21-bp153.2.3.1.noarch", "openSUSE Leap 15.3:ansible-test-2.9.21-bp153.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-03-16T16:09:53Z", details: "moderate", }, ], title: "CVE-2021-20228", }, ], }
opensuse-su-2024:14244-1
Vulnerability from csaf_opensuse
Published
2024-08-08 00:00
Modified
2024-08-08 00:00
Summary
ansible-9-9.8.0-1.1 on GA media
Notes
Title of the patch
ansible-9-9.8.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the ansible-9-9.8.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14244
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "ansible-9-9.8.0-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the ansible-9-9.8.0-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14244", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14244-1.json", }, { category: "self", summary: "SUSE CVE CVE-2014-4966 page", url: "https://www.suse.com/security/cve/CVE-2014-4966/", }, { category: "self", summary: "SUSE CVE CVE-2014-4967 page", url: "https://www.suse.com/security/cve/CVE-2014-4967/", }, { category: "self", summary: "SUSE CVE CVE-2015-3908 page", url: "https://www.suse.com/security/cve/CVE-2015-3908/", }, { category: "self", summary: "SUSE CVE CVE-2016-3096 page", url: "https://www.suse.com/security/cve/CVE-2016-3096/", }, { category: "self", summary: "SUSE CVE CVE-2016-9587 page", url: "https://www.suse.com/security/cve/CVE-2016-9587/", }, { category: "self", summary: "SUSE CVE CVE-2017-7466 page", url: "https://www.suse.com/security/cve/CVE-2017-7466/", }, { category: "self", summary: "SUSE CVE CVE-2017-7481 page", url: "https://www.suse.com/security/cve/CVE-2017-7481/", }, { category: "self", summary: "SUSE CVE CVE-2017-7550 page", url: "https://www.suse.com/security/cve/CVE-2017-7550/", }, { category: "self", summary: "SUSE CVE CVE-2018-10855 page", url: "https://www.suse.com/security/cve/CVE-2018-10855/", }, { category: "self", summary: "SUSE CVE CVE-2018-10875 page", url: "https://www.suse.com/security/cve/CVE-2018-10875/", }, { category: "self", summary: "SUSE CVE CVE-2018-16837 page", url: "https://www.suse.com/security/cve/CVE-2018-16837/", }, { category: "self", summary: "SUSE CVE CVE-2018-16859 page", url: "https://www.suse.com/security/cve/CVE-2018-16859/", }, { category: "self", summary: "SUSE CVE CVE-2018-16876 page", url: "https://www.suse.com/security/cve/CVE-2018-16876/", }, { category: "self", summary: "SUSE CVE CVE-2019-10156 page", url: "https://www.suse.com/security/cve/CVE-2019-10156/", }, { category: "self", summary: "SUSE CVE CVE-2019-10206 page", url: "https://www.suse.com/security/cve/CVE-2019-10206/", }, { category: "self", summary: "SUSE CVE CVE-2019-10217 page", url: "https://www.suse.com/security/cve/CVE-2019-10217/", }, { category: "self", summary: "SUSE CVE CVE-2019-14846 page", url: "https://www.suse.com/security/cve/CVE-2019-14846/", }, { category: "self", summary: "SUSE CVE CVE-2019-14856 page", url: "https://www.suse.com/security/cve/CVE-2019-14856/", }, { category: "self", summary: "SUSE CVE CVE-2019-14858 page", url: "https://www.suse.com/security/cve/CVE-2019-14858/", }, { category: "self", summary: "SUSE CVE CVE-2019-14864 page", url: "https://www.suse.com/security/cve/CVE-2019-14864/", }, { category: "self", summary: "SUSE CVE CVE-2019-14904 page", url: "https://www.suse.com/security/cve/CVE-2019-14904/", }, { category: "self", summary: "SUSE CVE CVE-2019-14905 page", url: "https://www.suse.com/security/cve/CVE-2019-14905/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10684 page", url: "https://www.suse.com/security/cve/CVE-2020-10684/", }, { category: "self", summary: "SUSE CVE CVE-2020-10685 page", url: "https://www.suse.com/security/cve/CVE-2020-10685/", }, { category: "self", summary: "SUSE CVE CVE-2020-10691 page", url: "https://www.suse.com/security/cve/CVE-2020-10691/", }, { category: "self", summary: "SUSE CVE CVE-2020-10729 page", url: "https://www.suse.com/security/cve/CVE-2020-10729/", }, { category: "self", summary: "SUSE CVE CVE-2020-14330 page", url: "https://www.suse.com/security/cve/CVE-2020-14330/", }, { category: "self", summary: "SUSE CVE CVE-2020-14332 page", url: "https://www.suse.com/security/cve/CVE-2020-14332/", }, { category: "self", summary: "SUSE CVE CVE-2020-1733 page", url: "https://www.suse.com/security/cve/CVE-2020-1733/", }, { category: "self", summary: "SUSE CVE CVE-2020-1734 page", url: "https://www.suse.com/security/cve/CVE-2020-1734/", }, { category: "self", summary: "SUSE CVE CVE-2020-1735 page", url: "https://www.suse.com/security/cve/CVE-2020-1735/", }, { category: "self", summary: "SUSE CVE CVE-2020-1736 page", url: "https://www.suse.com/security/cve/CVE-2020-1736/", }, { category: "self", summary: "SUSE CVE CVE-2020-1737 page", url: "https://www.suse.com/security/cve/CVE-2020-1737/", }, { category: "self", summary: "SUSE CVE CVE-2020-1738 page", url: "https://www.suse.com/security/cve/CVE-2020-1738/", }, { category: "self", summary: "SUSE CVE CVE-2020-1739 page", url: "https://www.suse.com/security/cve/CVE-2020-1739/", }, { category: "self", summary: "SUSE CVE CVE-2020-1740 page", url: "https://www.suse.com/security/cve/CVE-2020-1740/", }, { category: "self", summary: "SUSE CVE CVE-2020-1744 page", url: "https://www.suse.com/security/cve/CVE-2020-1744/", }, { category: "self", summary: "SUSE CVE CVE-2020-1746 page", url: "https://www.suse.com/security/cve/CVE-2020-1746/", }, { category: "self", summary: "SUSE CVE CVE-2020-1753 page", url: "https://www.suse.com/security/cve/CVE-2020-1753/", }, { category: "self", summary: "SUSE CVE CVE-2021-20178 page", url: "https://www.suse.com/security/cve/CVE-2021-20178/", }, { category: "self", summary: "SUSE CVE CVE-2021-20180 page", url: "https://www.suse.com/security/cve/CVE-2021-20180/", }, { category: "self", summary: "SUSE CVE CVE-2021-20191 page", url: "https://www.suse.com/security/cve/CVE-2021-20191/", }, { category: "self", summary: "SUSE CVE CVE-2021-20228 page", url: "https://www.suse.com/security/cve/CVE-2021-20228/", }, { category: "self", summary: "SUSE CVE CVE-2021-3583 page", url: "https://www.suse.com/security/cve/CVE-2021-3583/", }, ], title: "ansible-9-9.8.0-1.1 on GA media", tracking: { current_release_date: "2024-08-08T00:00:00Z", generator: { date: "2024-08-08T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14244-1", initial_release_date: "2024-08-08T00:00:00Z", revision_history: [ { date: "2024-08-08T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.aarch64", product: { name: "ansible-9-9.8.0-1.1.aarch64", product_id: "ansible-9-9.8.0-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.ppc64le", product: { name: "ansible-9-9.8.0-1.1.ppc64le", product_id: "ansible-9-9.8.0-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.s390x", product: { name: "ansible-9-9.8.0-1.1.s390x", product_id: "ansible-9-9.8.0-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ansible-9-9.8.0-1.1.x86_64", product: { name: "ansible-9-9.8.0-1.1.x86_64", product_id: "ansible-9-9.8.0-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", }, product_reference: "ansible-9-9.8.0-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", }, product_reference: "ansible-9-9.8.0-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", }, product_reference: "ansible-9-9.8.0-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "ansible-9-9.8.0-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", }, product_reference: "ansible-9-9.8.0-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2014-4966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], notes: [ { category: "general", text: "Ansible before 1.6.7 does not prevent inventory data with \"{{\" and \"lookup\" substrings, and does not prevent remote data with \"{{\" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4966", url: "https://www.suse.com/security/cve/CVE-2014-4966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4966", }, { cve: "CVE-2014-4967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], notes: [ { category: "general", text: "Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing \" src=\" clause, (2) a trailing \" temp=\" clause, or (3) a trailing \" validate=\" clause accompanied by a shell command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4967", url: "https://www.suse.com/security/cve/CVE-2014-4967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4967", }, { cve: "CVE-2015-3908", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3908", }, ], notes: [ { category: "general", text: "Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3908", url: "https://www.suse.com/security/cve/CVE-2015-3908", }, { category: "external", summary: "SUSE Bug 938161 for CVE-2015-3908", url: "https://bugzilla.suse.com/938161", }, { category: "external", summary: "SUSE Bug 938399 for CVE-2015-3908", url: "https://bugzilla.suse.com/938399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2015-3908", }, { cve: "CVE-2016-3096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-3096", }, ], notes: [ { category: "general", text: "The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-3096", url: "https://www.suse.com/security/cve/CVE-2016-3096", }, { category: "external", summary: "SUSE Bug 973546 for CVE-2016-3096", url: "https://bugzilla.suse.com/973546", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2016-3096", }, { cve: "CVE-2016-9587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9587", }, ], notes: [ { category: "general", text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9587", url: "https://www.suse.com/security/cve/CVE-2016-9587", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2016-9587", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2016-9587", }, { cve: "CVE-2017-7466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7466", }, ], notes: [ { category: "general", text: "Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7466", url: "https://www.suse.com/security/cve/CVE-2017-7466", }, { category: "external", summary: "SUSE Bug 1019021 for CVE-2017-7466", url: "https://bugzilla.suse.com/1019021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2017-7466", }, { cve: "CVE-2017-7481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7481", }, ], notes: [ { category: "general", text: "Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7481", url: "https://www.suse.com/security/cve/CVE-2017-7481", }, { category: "external", summary: "SUSE Bug 1038785 for CVE-2017-7481", url: "https://bugzilla.suse.com/1038785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7481", }, { cve: "CVE-2017-7550", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7550", }, ], notes: [ { category: "general", text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7550", url: "https://www.suse.com/security/cve/CVE-2017-7550", }, { category: "external", summary: "SUSE Bug 1035124 for CVE-2017-7550", url: "https://bugzilla.suse.com/1035124", }, { category: "external", summary: "SUSE Bug 1065872 for CVE-2017-7550", url: "https://bugzilla.suse.com/1065872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2017-7550", }, { cve: "CVE-2018-10855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10855", }, ], notes: [ { category: "general", text: "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10855", url: "https://www.suse.com/security/cve/CVE-2018-10855", }, { category: "external", summary: "SUSE Bug 1097775 for CVE-2018-10855", url: "https://bugzilla.suse.com/1097775", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10855", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10855", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10855", }, { cve: "CVE-2018-10875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10875", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10875", url: "https://www.suse.com/security/cve/CVE-2018-10875", }, { category: "external", summary: "SUSE Bug 1099808 for CVE-2018-10875", url: "https://bugzilla.suse.com/1099808", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-10875", url: "https://bugzilla.suse.com/1109957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2018-10875", }, { cve: "CVE-2018-16837", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16837", }, ], notes: [ { category: "general", text: "Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16837", url: "https://www.suse.com/security/cve/CVE-2018-16837", }, { category: "external", summary: "SUSE Bug 1112959 for CVE-2018-16837", url: "https://bugzilla.suse.com/1112959", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2018-16837", }, { cve: "CVE-2018-16859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16859", }, ], notes: [ { category: "general", text: "Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16859", url: "https://www.suse.com/security/cve/CVE-2018-16859", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16859", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1116587 for CVE-2018-16859", url: "https://bugzilla.suse.com/1116587", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-16859", }, { cve: "CVE-2018-16876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16876", }, ], notes: [ { category: "general", text: "ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16876", url: "https://www.suse.com/security/cve/CVE-2018-16876", }, { category: "external", summary: "SUSE Bug 1109957 for CVE-2018-16876", url: "https://bugzilla.suse.com/1109957", }, { category: "external", summary: "SUSE Bug 1118896 for CVE-2018-16876", url: "https://bugzilla.suse.com/1118896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2018-16876", }, { cve: "CVE-2019-10156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10156", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10156", url: "https://www.suse.com/security/cve/CVE-2019-10156", }, { category: "external", summary: "SUSE Bug 1137528 for CVE-2019-10156", url: "https://bugzilla.suse.com/1137528", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10156", }, { cve: "CVE-2019-10206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10206", }, ], notes: [ { category: "general", text: "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10206", url: "https://www.suse.com/security/cve/CVE-2019-10206", }, { category: "external", summary: "SUSE Bug 1142690 for CVE-2019-10206", url: "https://bugzilla.suse.com/1142690", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-10206", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10206", }, { cve: "CVE-2019-10217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10217", }, ], notes: [ { category: "general", text: "A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10217", url: "https://www.suse.com/security/cve/CVE-2019-10217", }, { category: "external", summary: "SUSE Bug 1144453 for CVE-2019-10217", url: "https://bugzilla.suse.com/1144453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10217", }, { cve: "CVE-2019-14846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14846", }, ], notes: [ { category: "general", text: "In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14846", url: "https://www.suse.com/security/cve/CVE-2019-14846", }, { category: "external", summary: "SUSE Bug 1153452 for CVE-2019-14846", url: "https://bugzilla.suse.com/1153452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2019-14846", }, { cve: "CVE-2019-14856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14856", }, ], notes: [ { category: "general", text: "ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14856", url: "https://www.suse.com/security/cve/CVE-2019-14856", }, { category: "external", summary: "SUSE Bug 1154232 for CVE-2019-14856", url: "https://bugzilla.suse.com/1154232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2019-14856", }, { cve: "CVE-2019-14858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14858", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14858", url: "https://www.suse.com/security/cve/CVE-2019-14858", }, { category: "external", summary: "SUSE Bug 1154231 for CVE-2019-14858", url: "https://bugzilla.suse.com/1154231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2019-14858", }, { cve: "CVE-2019-14864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14864", }, ], notes: [ { category: "general", text: "Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14864", url: "https://www.suse.com/security/cve/CVE-2019-14864", }, { category: "external", summary: "SUSE Bug 1154830 for CVE-2019-14864", url: "https://bugzilla.suse.com/1154830", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14864", }, { cve: "CVE-2019-14904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14904", }, ], notes: [ { category: "general", text: "A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14904", url: "https://www.suse.com/security/cve/CVE-2019-14904", }, { category: "external", summary: "SUSE Bug 1157968 for CVE-2019-14904", url: "https://bugzilla.suse.com/1157968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2019-14904", }, { cve: "CVE-2019-14905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14905", }, ], notes: [ { category: "general", text: "A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14905", url: "https://www.suse.com/security/cve/CVE-2019-14905", }, { category: "external", summary: "SUSE Bug 1157969 for CVE-2019-14905", url: "https://bugzilla.suse.com/1157969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2019-14905", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10684", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10684", url: "https://www.suse.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "SUSE Bug 1167532 for CVE-2020-10684", url: "https://bugzilla.suse.com/1167532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2020-10684", }, { cve: "CVE-2020-10685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10685", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10685", url: "https://www.suse.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "SUSE Bug 1167440 for CVE-2020-10685", url: "https://bugzilla.suse.com/1167440", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10685", }, { cve: "CVE-2020-10691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10691", }, ], notes: [ { category: "general", text: "An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10691", url: "https://www.suse.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "SUSE Bug 1167873 for CVE-2020-10691", url: "https://bugzilla.suse.com/1167873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10691", }, { cve: "CVE-2020-10729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10729", }, ], notes: [ { category: "general", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10729", url: "https://www.suse.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "SUSE Bug 1171162 for CVE-2020-10729", url: "https://bugzilla.suse.com/1171162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10729", }, { cve: "CVE-2020-14330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14330", }, ], notes: [ { category: "general", text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14330", url: "https://www.suse.com/security/cve/CVE-2020-14330", }, { category: "external", summary: "SUSE Bug 1174145 for CVE-2020-14330", url: "https://bugzilla.suse.com/1174145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14330", }, { cve: "CVE-2020-14332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14332", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14332", url: "https://www.suse.com/security/cve/CVE-2020-14332", }, { category: "external", summary: "SUSE Bug 1174302 for CVE-2020-14332", url: "https://bugzilla.suse.com/1174302", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14332", }, { cve: "CVE-2020-1733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1733", }, ], notes: [ { category: "general", text: "A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1733", url: "https://www.suse.com/security/cve/CVE-2020-1733", }, { category: "external", summary: "SUSE Bug 1164140 for CVE-2020-1733", url: "https://bugzilla.suse.com/1164140", }, { category: "external", summary: "SUSE Bug 1171823 for CVE-2020-1733", url: "https://bugzilla.suse.com/1171823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1733", }, { cve: "CVE-2020-1734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1734", }, ], notes: [ { category: "general", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1734", url: "https://www.suse.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "SUSE Bug 1164139 for CVE-2020-1734", url: "https://bugzilla.suse.com/1164139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2020-1734", }, { cve: "CVE-2020-1735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1735", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1735", url: "https://www.suse.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2020-1735", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1735", }, { cve: "CVE-2020-1736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1736", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1736", url: "https://www.suse.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "SUSE Bug 1164134 for CVE-2020-1736", url: "https://bugzilla.suse.com/1164134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2020-1736", }, { cve: "CVE-2020-1737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1737", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1737", url: "https://www.suse.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "SUSE Bug 1164138 for CVE-2020-1737", url: "https://bugzilla.suse.com/1164138", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "important", }, ], title: "CVE-2020-1737", }, { cve: "CVE-2020-1738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1738", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1738", url: "https://www.suse.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "SUSE Bug 1164136 for CVE-2020-1738", url: "https://bugzilla.suse.com/1164136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1738", }, { cve: "CVE-2020-1739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1739", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1739", url: "https://www.suse.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "SUSE Bug 1164133 for CVE-2020-1739", url: "https://bugzilla.suse.com/1164133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1739", }, { cve: "CVE-2020-1740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1740", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1740", url: "https://www.suse.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "SUSE Bug 1164135 for CVE-2020-1740", url: "https://bugzilla.suse.com/1164135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "low", }, ], title: "CVE-2020-1740", }, { cve: "CVE-2020-1744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], notes: [ { category: "general", text: "A flaw was found in keycloak before version 9.0.1. When configuring an Conditional OTP Authentication Flow as a post login flow of an IDP, the failure login events for OTP are not being sent to the brute force protection event queue. So BruteForceProtector does not handle this events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1744", url: "https://www.suse.com/security/cve/CVE-2020-1744", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1744", }, { cve: "CVE-2020-1746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1746", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1746", url: "https://www.suse.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "SUSE Bug 1165393 for CVE-2020-1746", url: "https://bugzilla.suse.com/1165393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1746", }, { cve: "CVE-2020-1753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-1753", }, ], notes: [ { category: "general", text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-1753", url: "https://www.suse.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "SUSE Bug 1166389 for CVE-2020-1753", url: "https://bugzilla.suse.com/1166389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-1753", }, { cve: "CVE-2021-20178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20178", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20178", url: "https://www.suse.com/security/cve/CVE-2021-20178", }, { category: "external", summary: "SUSE Bug 1180816 for CVE-2021-20178", url: "https://bugzilla.suse.com/1180816", }, { category: "external", summary: "SUSE Bug 1186493 for CVE-2021-20178", url: "https://bugzilla.suse.com/1186493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20178", }, { cve: "CVE-2021-20180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20180", }, ], notes: [ { category: "general", text: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20180", url: "https://www.suse.com/security/cve/CVE-2021-20180", }, { category: "external", summary: "SUSE Bug 1180942 for CVE-2021-20180", url: "https://bugzilla.suse.com/1180942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20180", }, { cve: "CVE-2021-20191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20191", }, ], notes: [ { category: "general", text: "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20191", url: "https://www.suse.com/security/cve/CVE-2021-20191", }, { category: "external", summary: "SUSE Bug 1181119 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181119", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20191", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20191", }, { cve: "CVE-2021-20228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20228", }, ], notes: [ { category: "general", text: "A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20228", url: "https://www.suse.com/security/cve/CVE-2021-20228", }, { category: "external", summary: "SUSE Bug 1181935 for CVE-2021-20228", url: "https://bugzilla.suse.com/1181935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-20228", }, { cve: "CVE-2021-3583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3583", }, ], notes: [ { category: "general", text: "A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3583", url: "https://www.suse.com/security/cve/CVE-2021-3583", }, { category: "external", summary: "SUSE Bug 1188061 for CVE-2021-3583", url: "https://bugzilla.suse.com/1188061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.aarch64", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.ppc64le", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.s390x", "openSUSE Tumbleweed:ansible-9-9.8.0-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-08-08T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3583", }, ], }
gsd-2021-20178
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
Aliases
Aliases
{ GSD: { alias: "CVE-2021-20178", description: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", id: "GSD-2021-20178", references: [ "https://www.suse.com/security/cve/CVE-2021-20178.html", "https://access.redhat.com/errata/RHSA-2021:2180", "https://access.redhat.com/errata/RHSA-2021:1079", "https://access.redhat.com/errata/RHSA-2021:0664", "https://access.redhat.com/errata/RHSA-2021:0663", "https://advisories.mageia.org/CVE-2021-20178.html", "https://security.archlinux.org/CVE-2021-20178", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2021-20178", ], details: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", id: "GSD-2021-20178", modified: "2023-12-13T01:23:12.370463Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2021-20178", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Ansible", version: { version_data: [ { version_value: "before 2.9.18", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-532", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2021-e9478617ae", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, { name: "FEDORA-2021-9a0903469c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { name: "https://github.com/ansible-collections/community.general/pull/1635,", refsource: "MISC", url: "https://github.com/ansible-collections/community.general/pull/1635,", }, { name: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,", refsource: "MISC", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,", }, { name: "[debian-lts-announce] 20231228 [SECURITY] [DLA 3695-1] ansible security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "<2.9.18", affected_versions: "All versions before 2.9.18", cvss_v2: "AV:L/AC:L/Au:N/C:P/I:N/A:N", cvss_v3: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", cwe_ids: [ "CWE-1035", "CWE-532", "CWE-937", ], date: "2021-06-03", description: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", fixed_versions: [ "2.9.18", ], identifier: "CVE-2021-20178", identifiers: [ "CVE-2021-20178", ], not_impacted: "All versions starting from 2.9.18", package_slug: "pypi/ansible", pubdate: "2021-05-26", solution: "Upgrade to version 2.9.18 or above.", title: "Inclusion of Sensitive Information in Log Files", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2021-20178", "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", ], uuid: "4f3f5d79-2864-4dd9-ab10-c26c23a4d8fe", }, ], }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", matchCriteriaId: "720A73E8-481A-4C14-B06B-7E2D0C1FFAD1", versionEndExcluding: "2.9.18", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B31C575C-06D2-4CAF-A5B7-B9469B3ED55F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", }, { lang: "es", value: "Se encontró un fallo en el módulo ansible donde las credenciales son reveladas en el registro de la consola por defecto y no están protegidas por la característica de seguridad cuando se usa el módulo bitbucket_pipeline_variable. Este fallo permite a un atacante robar las credenciales del módulo bitbucket_pipeline. La mayor amenaza de esta vulnerabilidad es la confidencialidad", }, ], id: "CVE-2021-20178", lastModified: "2023-12-28T19:15:12.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-26T12:15:18.897", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { source: "secalert@redhat.com", url: "https://github.com/ansible-collections/community.general/pull/1635%2C", }, { source: "secalert@redhat.com", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Primary", }, ], }, }, }, }
fkie_cve-2021-20178
Vulnerability from fkie_nvd
Published
2021-05-26 12:15
Modified
2024-11-21 05:46
Severity ?
Summary
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | ansible | * | |
| redhat | ansible_tower | 3.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*", matchCriteriaId: "720A73E8-481A-4C14-B06B-7E2D0C1FFAD1", versionEndExcluding: "2.9.18", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:ansible_tower:3.0:*:*:*:*:*:*:*", matchCriteriaId: "B31C575C-06D2-4CAF-A5B7-B9469B3ED55F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.", }, { lang: "es", value: "Se encontró un fallo en el módulo ansible donde las credenciales son reveladas en el registro de la consola por defecto y no están protegidas por la característica de seguridad cuando se usa el módulo bitbucket_pipeline_variable. Este fallo permite a un atacante robar las credenciales del módulo bitbucket_pipeline. La mayor amenaza de esta vulnerabilidad es la confidencialidad", }, ], id: "CVE-2021-20178", lastModified: "2024-11-21T05:46:04.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-26T12:15:18.897", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { source: "secalert@redhat.com", url: "https://github.com/ansible-collections/community.general/pull/1635%2C", }, { source: "secalert@redhat.com", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/ansible-collections/community.general/pull/1635%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "secalert@redhat.com", type: "Primary", }, ], }
WID-SEC-W-2022-1349
Vulnerability from csaf_certbund
Published
2021-01-11 23:00
Modified
2024-12-03 23:00
Summary
Ansible: Schwachstelle ermöglicht Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ansible ist eine Software zur Automatisierung von Cloud Provisionierung,
zum Konfigurationsmanagement und zur Anwendungsbereitstellung.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in Ansible ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Ansible ist eine Software zur Automatisierung von Cloud Provisionierung,\r\nzum Konfigurationsmanagement und zur Anwendungsbereitstellung.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann eine Schwachstelle in Ansible ausnutzen, um Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1349 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1349.json", }, { category: "self", summary: "WID-SEC-2022-1349 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1349", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2021-1613 vom 2021-03-20", url: "https://alas.aws.amazon.com/AL2/ALAS-2021-1613.html", }, { category: "external", summary: "RedHat Bugzilla vom 2021-01-11", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202102-9 vom 2021-02-06", url: "https://security.archlinux.org/ASA-202102-9", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0664 vom 2021-02-24", url: "https://access.redhat.com/errata/RHSA-2021:0664", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0663 vom 2021-02-24", url: "https://access.redhat.com/errata/RHSA-2021:0663", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0779 vom 2021-03-09", url: "https://access.redhat.com/errata/RHSA-2021:0779", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0780 vom 2021-03-09", url: "https://access.redhat.com/errata/RHSA-2021:0780", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:2180 vom 2021-06-01", url: "https://access.redhat.com/errata/RHSA-2021:2180", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2121-1 vom 2021-06-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009066.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3178-1 vom 2022-09-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012182.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALASANSIBLE2-2023-004 vom 2023-09-27", url: "https://alas.aws.amazon.com/AL2/ALASANSIBLE2-2023-004.html", }, { category: "external", summary: "Debian Security Advisory DLA-3695 vom 2023-12-28", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html", }, { category: "external", summary: "openSUSE Security Update OPENSUSE-SU-2024:14536-1 vom 2024-12-03", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, ], source_lang: "en-US", title: "Ansible: Schwachstelle ermöglicht Offenlegung von Informationen", tracking: { current_release_date: "2024-12-03T23:00:00.000+00:00", generator: { date: "2024-12-04T11:20:39.133+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2022-1349", initial_release_date: "2021-01-11T23:00:00.000+00:00", revision_history: [ { date: "2021-01-11T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2021-02-07T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Arch Linux aufgenommen", }, { date: "2021-02-24T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-03-09T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-03-21T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2021-06-01T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-06-22T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-09-08T22:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-09-27T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2023-12-28T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-01-23T23:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-12-03T23:00:00.000+00:00", number: "12", summary: "Neue Updates von openSUSE aufgenommen", }, ], status: "final", version: "12", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Ansible", product: { name: "Open Source Ansible", product_id: "T010090", product_identification_helper: { cpe: "cpe:/a:open_source:ansible:-", }, }, }, { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, { category: "product_name", name: "SUSE openSUSE", product: { name: "SUSE openSUSE", product_id: "T027843", product_identification_helper: { cpe: "cpe:/o:suse:opensuse:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2021-20178", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in Ansible. Die Anmeldeinformationen \"authkey\" und \"privkey\" werden in Log Dateien nicht durch die Funktion \"no_log\" geschützt, wenn das Modul \"snmp_facts\" verwendet wird. Ein Angreifer, der Zugriff auf die Ausgabe der Playbook-Ausführung hat, kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T010090", "2951", "T002207", "67646", "T013312", "T027843", "398363", ], }, release_date: "2021-01-11T23:00:00.000+00:00", title: "CVE-2021-20178", }, ], }
wid-sec-w-2022-1349
Vulnerability from csaf_certbund
Published
2021-01-11 23:00
Modified
2024-12-03 23:00
Summary
Ansible: Schwachstelle ermöglicht Offenlegung von Informationen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ansible ist eine Software zur Automatisierung von Cloud Provisionierung,
zum Konfigurationsmanagement und zur Anwendungsbereitstellung.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in Ansible ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Ansible ist eine Software zur Automatisierung von Cloud Provisionierung,\r\nzum Konfigurationsmanagement und zur Anwendungsbereitstellung.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann eine Schwachstelle in Ansible ausnutzen, um Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1349 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-1349.json", }, { category: "self", summary: "WID-SEC-2022-1349 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1349", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2021-1613 vom 2021-03-20", url: "https://alas.aws.amazon.com/AL2/ALAS-2021-1613.html", }, { category: "external", summary: "RedHat Bugzilla vom 2021-01-11", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914774", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202102-9 vom 2021-02-06", url: "https://security.archlinux.org/ASA-202102-9", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0664 vom 2021-02-24", url: "https://access.redhat.com/errata/RHSA-2021:0664", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0663 vom 2021-02-24", url: "https://access.redhat.com/errata/RHSA-2021:0663", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0779 vom 2021-03-09", url: "https://access.redhat.com/errata/RHSA-2021:0779", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0780 vom 2021-03-09", url: "https://access.redhat.com/errata/RHSA-2021:0780", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:2180 vom 2021-06-01", url: "https://access.redhat.com/errata/RHSA-2021:2180", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2121-1 vom 2021-06-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009066.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3178-1 vom 2022-09-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012182.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALASANSIBLE2-2023-004 vom 2023-09-27", url: "https://alas.aws.amazon.com/AL2/ALASANSIBLE2-2023-004.html", }, { category: "external", summary: "Debian Security Advisory DLA-3695 vom 2023-12-28", url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html", }, { category: "external", summary: "openSUSE Security Update OPENSUSE-SU-2024:14536-1 vom 2024-12-03", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7LWEIR2LXW4QRWCY6HDMLUO2OTX5OZIC/", }, ], source_lang: "en-US", title: "Ansible: Schwachstelle ermöglicht Offenlegung von Informationen", tracking: { current_release_date: "2024-12-03T23:00:00.000+00:00", generator: { date: "2024-12-04T11:20:39.133+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2022-1349", initial_release_date: "2021-01-11T23:00:00.000+00:00", revision_history: [ { date: "2021-01-11T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2021-02-07T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Arch Linux aufgenommen", }, { date: "2021-02-24T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-03-09T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-03-21T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2021-06-01T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-06-22T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-09-08T22:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-09-27T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2023-12-28T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Debian aufgenommen", }, { date: "2024-01-23T23:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-12-03T23:00:00.000+00:00", number: "12", summary: "Neue Updates von openSUSE aufgenommen", }, ], status: "final", version: "12", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Ansible", product: { name: "Open Source Ansible", product_id: "T010090", product_identification_helper: { cpe: "cpe:/a:open_source:ansible:-", }, }, }, { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, { category: "product_name", name: "SUSE openSUSE", product: { name: "SUSE openSUSE", product_id: "T027843", product_identification_helper: { cpe: "cpe:/o:suse:opensuse:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2021-20178", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in Ansible. Die Anmeldeinformationen \"authkey\" und \"privkey\" werden in Log Dateien nicht durch die Funktion \"no_log\" geschützt, wenn das Modul \"snmp_facts\" verwendet wird. Ein Angreifer, der Zugriff auf die Ausgabe der Playbook-Ausführung hat, kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T010090", "2951", "T002207", "67646", "T013312", "T027843", "398363", ], }, release_date: "2021-01-11T23:00:00.000+00:00", title: "CVE-2021-20178", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.