cvelistv5 - cve-2023-6152

cve-2023-6152

Vulnerability from cvelistv5

Published

2024-02-13 21:38

Modified

2025-02-15 00:10

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Summary

A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up.

References

URL	Tags
security@grafana.com	https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f	Exploit, Vendor Advisory
security@grafana.com	https://grafana.com/security/security-advisories/cve-2023-6152/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://grafana.com/security/security-advisories/cve-2023-6152/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20250214-0008/

Impacted products

Vendor

Product

Version

▼

Grafana

Version: 2.5.0   ≤
Version: 10.0.0   ≤
Version: 10.1.0   ≤
Version: 10.2.0   ≤
Version: 10.3.0   ≤

Grafana

Grafana Enterprise

Version: 2.5.0   ≤
Version: 10.0.0   ≤
Version: 10.1.0   ≤
Version: 10.2.0   ≤
Version: 10.3.0   ≤

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2025-02-15T00:10:28.890Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://grafana.com/security/security-advisories/cve-2023-6152/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
               },
               {
                  url: "https://security.netapp.com/advisory/ntap-20250214-0008/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "grafana",
                  vendor: "grafana",
                  versions: [
                     {
                        lessThan: "9.5.16",
                        status: "affected",
                        version: "2.5.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.0.11",
                        status: "affected",
                        version: "10.0.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.1.7",
                        status: "affected",
                        version: "10.10",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.2.4",
                        status: "affected",
                        version: "10.2.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.3.3",
                        status: "affected",
                        version: "10.3.0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "grafana_enterprise",
                  vendor: "grafana",
                  versions: [
                     {
                        lessThan: "9.5.16",
                        status: "affected",
                        version: "2.5.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.0.11",
                        status: "affected",
                        version: "10.0.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.1.7",
                        status: "affected",
                        version: "10.10",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.2.4",
                        status: "affected",
                        version: "10.2.0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "10.3.3",
                        status: "affected",
                        version: "10.3.0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-6152",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-22T15:42:45.786092Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-22T15:51:56.870Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Grafana",
               vendor: "Grafana",
               versions: [
                  {
                     lessThan: "9.5.16",
                     status: "affected",
                     version: "2.5.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.0.11",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.1.7",
                     status: "affected",
                     version: "10.1.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.2.4",
                     status: "affected",
                     version: "10.2.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.3.3",
                     status: "affected",
                     version: "10.3.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               product: "Grafana Enterprise",
               vendor: "Grafana",
               versions: [
                  {
                     lessThan: "9.5.16",
                     status: "affected",
                     version: "2.5.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.0.11",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.1.7",
                     status: "affected",
                     version: "10.1.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.2.4",
                     status: "affected",
                     version: "10.2.0",
                     versionType: "semver",
                  },
                  {
                     lessThan: "10.3.3",
                     status: "affected",
                     version: "10.3.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<p>A user changing their email after signing up and verifying it can change it without verification in profile settings.</p><p>The configuration option \"verify_email_enabled\" will only validate email only on sign up.</p>",
                  },
               ],
               value: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-115",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-115",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-863",
                     description: "CWE-863",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-13T21:38:01.404Z",
            orgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
            shortName: "GRAFANA",
         },
         references: [
            {
               url: "https://grafana.com/security/security-advisories/cve-2023-6152/",
            },
            {
               url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
      assignerShortName: "GRAFANA",
      cveId: "CVE-2023-6152",
      datePublished: "2024-02-13T21:38:01.404Z",
      dateReserved: "2023-11-15T12:44:28.824Z",
      dateUpdated: "2025-02-15T00:10:28.890Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0\", \"matchCriteriaId\": \"F1B0912A-B5CC-42BE-93D4-0A501A0245FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB81DBAE-551A-41FD-BFB5-325C9E0BCA10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A61A884-885C-4961-8263-682CC9EDBCE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F6206EA-DB68-4409-A694-74F47D6879D4\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"A user changing their email after signing up and verifying it can change it without verification in profile settings.\\n\\nThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Un usuario que cambia su correo electr\\u00f3nico despu\\u00e9s de registrarse y verificarlo puede cambiarlo sin verificaci\\u00f3n en la configuraci\\u00f3n del perfil. La opci\\u00f3n de configuraci\\u00f3n \\\"verify_email_enabled\\\" solo validar\\u00e1 el correo electr\\u00f3nico al registrarse.\"}]",
         id: "CVE-2023-6152",
         lastModified: "2024-11-21T08:43:15.483",
         metrics: "{\"cvssMetricV31\": [{\"source\": \"security@grafana.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}]}",
         published: "2024-02-13T22:15:45.430",
         references: "[{\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\", \"source\": \"security@grafana.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\", \"source\": \"security@grafana.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
         sourceIdentifier: "security@grafana.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"security@grafana.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2023-6152\",\"sourceIdentifier\":\"security@grafana.com\",\"published\":\"2024-02-13T22:15:45.430\",\"lastModified\":\"2025-02-15T01:15:09.723\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A user changing their email after signing up and verifying it can change it without verification in profile settings.\\n\\nThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Un usuario que cambia su correo electrónico después de registrarse y verificarlo puede cambiarlo sin verificación en la configuración del perfil. La opción de configuración \\\"verify_email_enabled\\\" solo validará el correo electrónico al registrarse.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0\",\"matchCriteriaId\":\"F1B0912A-B5CC-42BE-93D4-0A501A0245FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB81DBAE-551A-41FD-BFB5-325C9E0BCA10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A61A884-885C-4961-8263-682CC9EDBCE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F6206EA-DB68-4409-A694-74F47D6879D4\"}]}]}],\"references\":[{\"url\":\"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\",\"source\":\"security@grafana.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://grafana.com/security/security-advisories/cve-2023-6152/\",\"source\":\"security@grafana.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://grafana.com/security/security-advisories/cve-2023-6152/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250214-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20250214-0008/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-02-15T00:10:28.890Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-6152\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-22T15:42:45.786092Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\"], \"vendor\": \"grafana\", \"product\": \"grafana\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.10\", \"lessThan\": \"10.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*\"], \"vendor\": \"grafana\", \"product\": \"grafana_enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.10\", \"lessThan\": \"10.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-22T15:47:58.337Z\"}}], \"cna\": {\"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Grafana\", \"product\": \"Grafana\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.1.0\", \"lessThan\": \"10.1.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"semver\"}]}, {\"vendor\": \"Grafana\", \"product\": \"Grafana Enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.1.0\", \"lessThan\": \"10.1.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\"}, {\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A user changing their email after signing up and verifying it can change it without verification in profile settings.\\n\\nThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"<p>A user changing their email after signing up and verifying it can change it without verification in profile settings.</p><p>The configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.</p>\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863\"}]}], \"providerMetadata\": {\"orgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"shortName\": \"GRAFANA\", \"dateUpdated\": \"2024-02-13T21:38:01.404Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2023-6152\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-15T00:10:28.890Z\", \"dateReserved\": \"2023-11-15T12:44:28.824Z\", \"assignerOrgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"datePublished\": \"2024-02-13T21:38:01.404Z\", \"assignerShortName\": \"GRAFANA\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

suse-su-2024:1427-1

Vulnerability from csaf_suse

Published

2024-04-24 09:10

Modified

2024-04-24 09:10

Summary

Security Beta update for SUSE Manager Client Tools and Salt

Notes

Title of the patch

Security Beta update for SUSE Manager Client Tools and Salt

Description of the patch

This update fixes the following issues: POS_Image-Graphical7: - Update to version 0.1.1710765237.46af599 * Move image services to dracut-saltboot package * Use salt bundle - Update to version 0.1.1645440615.7f1328c * Remove deprecated kiwi functions POS_Image-JeOS7: - Update to version 0.1.1710765237.46af599 * Move image services to dracut-saltboot package * Use salt bundle - Update to version 0.1.1645440615.7f1328c * Remove deprecated kiwi functions ansible: - CVE-2023-5764: Address issues where internal templating can cause unsafe variables to lose their unsafe designation (bsc#1216854) * breaking_changes: assert - Nested templating may result in an inability for the conditional to be evaluated. See the porting guide for more information. - CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002) - CVE-2020-14365: Do a GPG validation if the disable_gpg_check option is not set. (bsc#1175993) - Don't Require python-coverage, it is needed only for testing (bsc#1177948) - CVE-2018-10874: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution (included upstream in 2.6.1) (bsc#1099805) dracut-saltboot: - Update to version 0.1.1710765237.46af599 * Load only first available leaseinfo (bsc#1221092) - Update to version 0.1.1681904360.84ef141 grafana: - Require Go 1.20 - Update to version 9.5.16: * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL - Update to version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors - Update to version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login - Update to version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin - Update to version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication - Update to version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling golang-github-prometheus-node_exporter: - Add `device_error` label for filesystem metrics. - Update rtnetlink library to fix errors during ARP metrics collection. - Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 - Update to 1.6.1: (no source code changes in this release) - BuildRequire go1.20 - Update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Enable uname collector on NetBSD #2559 * [FEATURE] NetBSD support for the meminfo collector #2570 * [FEATURE] NetBSD support for CPU collector #2626 * [FEATURE] Add FreeBSD collector for netisr subsystem #2668 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise @2554 * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD 2584 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637 * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663 - Change go_modules archive in _service to use obscpio file spacecmd: - Version 5.0.5-0 * Update translation strings spacewalk-client-tools: - Version 5.0.4-0 * Remove rhn-profile-sync rhn_register spacewalk-channel and spacewalk-update-status supportutils-plugin-susemanager-client: - Version 5.0.3-0 * Remove rhnsd from client actions and server backend uyuni-tools: - Version 0.1.7-0 * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration * Fix migration script using missing awk in migration image - Version 0.1.6-0 * Pull image from authenticated registry * Port 80 should be published to the port 80 of the containers. 8080 is squid * Autogenerate the database password * Add mgrctl term command * Fix --version flag * Deny uyuni to suma upgrade and viceversa * Refactor upgrade to clarify script end adding post upgrade script (bsc#1219887) * Add mgradm install podman arguments to define big volumes storage * k8s migration use same functions as upgrade * Allow to use images from RPM if present * Schedule a system list refresh after migrate if not runned before * Ignore error on optional flag * Fix migration of multiple autoinstallable distributions * Obsolete uyuni-proxy-systemd-service package by mgrpxy * Add GitHub workflow for checking changelog * Allow installation using --image image:tag * Add command to register Peripheral server to Hub * Add Node exporter (9100) and Taskomatic (9800) ports to the list of open TCP ports * Fix minimal administrator password length * Do not assume the current host is a cluster node when getting kubelet version * Add mgrpxy start, stop and restart commands * Remove shm size constraints on the server * Add mgrpxy and mgradm status commands * Use uninstall commands dry run by default to avoid unintended removals * Make first user mandatory at install time * Add inspect and upgrade command * Improve error handling when exec.Command is used * Start/Stop/Restart command with kubernetes - Version 0.1.5-0 * Install aardvark-dns if netavark is installed (bsc#1220371)

Patchnames

SUSE-2024-1427,SUSE-SLE-Manager-Tools-15-BETA-2024-1427,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-1427

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security Beta update for SUSE Manager Client Tools and Salt",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update fixes the following issues:\n\nPOS_Image-Graphical7:\n\n- Update to version 0.1.1710765237.46af599\n  * Move image services to dracut-saltboot package\n  * Use salt bundle\n- Update to version 0.1.1645440615.7f1328c\n  * Remove deprecated kiwi functions\n\nPOS_Image-JeOS7:\n\n- Update to version 0.1.1710765237.46af599\n  * Move image services to dracut-saltboot package\n  * Use salt bundle\n- Update to version 0.1.1645440615.7f1328c\n  * Remove deprecated kiwi functions\n\nansible:\n\n- CVE-2023-5764: Address issues where internal templating can cause unsafe\n  variables to lose their unsafe designation (bsc#1216854)\n  * breaking_changes:\n    assert - Nested templating may result in an inability for the conditional\n    to be evaluated. See the porting guide for more information.\n- CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002)\n- CVE-2020-14365: Do a GPG validation if the disable_gpg_check option is not set. (bsc#1175993)\n- Don't Require python-coverage, it is needed only for testing (bsc#1177948)\n- CVE-2018-10874: Inventory variables are loaded from current working directory when running ad-hoc command that can\n  lead to code execution (included upstream in 2.6.1) (bsc#1099805) \n\ndracut-saltboot:\n\n- Update to version 0.1.1710765237.46af599 \n  * Load only first available leaseinfo (bsc#1221092)\n- Update to version 0.1.1681904360.84ef141\n\n\ngrafana:\n\n- Require Go 1.20\n- Update to version 9.5.16:\n  * [SECURITY] CVE-2023-6152: Add email verification when updating\n    user email (bsc#1219912)\n  * [BUGFIX] Annotations: Split cleanup into separate queries and\n    deletes to avoid deadlocks on MySQL\n- Update to version 9.5.15:\n  * [FEATURE] Alerting: Attempt to retry retryable errors\n- Update to version 9.5.14:\n  * [BUGFIX] Alerting: Fix state manager to not keep\n    datasource_uid and ref_id labels in state after Error\n  * [BUGFIX] Transformations: Config overrides being lost when\n    config from query transform is applied\n  * [BUGFIX] LDAP: Fix enable users on successfull login\n- Update to version 9.5.13:\n  * [BUGFIX] BrowseDashboards: Only remember the most recent\n    expanded folder\n  * [BUGFIX] Licensing: Pass func to update env variables when\n    starting plugin\n- Update to version 9.5.12:\n  * [FEATURE] Azure: Add support for Workload Identity\n    authentication\n- Update to version 9.5.9:\n  * [FEATURE] SSE: Fix DSNode to not panic when response has empty\n    response\n  * [FEATURE] Prometheus: Handle the response with different field\n    key order\n  * [BUGFIX] LDAP: Fix user disabling\n\ngolang-github-prometheus-node_exporter:\n\n- Add `device_error` label for filesystem metrics.\n- Update rtnetlink library to fix errors during ARP metrics collection.\n- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):\n  * [FEATURE] Add ZFS freebsd per dataset stats #2753\n  * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721\n  * [ENHANCEMENT] Parallelize stat calls in Linux filesystem\n    collector #1772\n  * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711\n  * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric\n    #2778\n  * [ENHANCEMENT] Improve qdisc collector performance #2779\n  * [ENHANCEMENT] Add include and exclude filter for hwmon\n    collector #2699\n  * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead\n    of procfs #2777\n  * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754\n  * [BUGFIX] Fallback to 32-bit stats in netdev #2757\n  * [BUGFIX] Close btrfs.FS handle after use #2780\n  * [BUGFIX] Move RO status before error return #2807\n  * [BUFFIX] Fix promhttp_metric_handler_errors_total being always\n    active #2808\n  * [BUGFIX] Fix nfsd v4 index miss #2824\n- Update to 1.6.1:\n  (no source code changes in this release)\n- BuildRequire go1.20\n- Update to 1.6.0:\n  * [CHANGE] Fix cpustat when some cpus are offline #2318\n  * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605\n  * [CHANGE] Deprecate ntp collector #2603\n  * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583\n  * [CHANGE] Deprecate supervisord collector #2685\n  * [FEATURE] Enable uname collector on NetBSD #2559\n  * [FEATURE] NetBSD support for the meminfo collector #2570\n  * [FEATURE] NetBSD support for CPU collector #2626\n  * [FEATURE] Add FreeBSD collector for netisr subsystem #2668\n  * [FEATURE] Add softirqs collector #2669\n  * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449\n  * [ENHANCEMENT] Add administrative state of Linux network\n    interfaces #2515\n  * [ENHANCEMENT] Log current value of GOMAXPROCS #2537\n  * [ENHANCEMENT] Add profiler options for perf collector #2542\n  * [ENHANCEMENT] Allow root path as metrics path #2590\n  * [ENHANCEMENT] Add cpu frequency governor metrics #2569\n  * [ENHANCEMENT] Add new landing page #2622\n  * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634\n  * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687\n  * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612\n  * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669\n  * [BUGFIX] perf: fixes for automatically detecting the correct\n    tracefs mountpoints #2553\n  * [BUGFIX] Fix `thermal_zone` collector noise @2554\n  * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD\n    2584\n  * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631\n  * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605\n  * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637\n  * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in\n    OpenBSD #2663\n- Change go_modules archive in _service to use obscpio file\n\nspacecmd:\n\n- Version 5.0.5-0\n  * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 5.0.4-0\n  * Remove rhn-profile-sync rhn_register spacewalk-channel and\n    spacewalk-update-status\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.3-0\n  * Remove rhnsd from client actions and server backend\n\nuyuni-tools:\n\n- Version 0.1.7-0\n  * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration\n  * Fix migration script using missing awk in migration image\n- Version 0.1.6-0\n  * Pull image from authenticated registry\n  * Port 80 should be published to the port 80 of the containers.\n    8080 is squid\n  * Autogenerate the database password\n  * Add mgrctl term command\n  * Fix --version flag\n  * Deny uyuni to suma upgrade and viceversa\n  * Refactor upgrade to clarify script end adding post upgrade\n    script (bsc#1219887)\n  * Add mgradm install podman arguments to define big volumes storage\n  * k8s migration use same functions as upgrade\n  * Allow to use images from RPM if present\n  * Schedule a system list refresh after migrate if not runned before\n  * Ignore error on optional flag\n  * Fix migration of multiple autoinstallable distributions\n  * Obsolete uyuni-proxy-systemd-service package by mgrpxy\n  * Add GitHub workflow for checking changelog\n  * Allow installation using --image image:tag\n  * Add command to register Peripheral server to Hub\n  * Add Node exporter (9100) and Taskomatic (9800) ports to the list\n    of open TCP ports\n  * Fix minimal administrator password length\n  * Do not assume the current host is a cluster node when getting\n    kubelet version\n  * Add mgrpxy start, stop and restart commands\n  * Remove shm size constraints on the server\n  * Add mgrpxy and mgradm status commands\n  * Use uninstall commands dry run by default to avoid unintended\n    removals\n  * Make first user mandatory at install time\n  * Add inspect and upgrade command\n  * Improve error handling when exec.Command is used\n  * Start/Stop/Restart command with kubernetes\n- Version 0.1.5-0\n  * Install aardvark-dns if netavark is installed (bsc#1220371)\n\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-1427,SUSE-SLE-Manager-Tools-15-BETA-2024-1427,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-1427",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1427-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:1427-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:1427-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-April/035080.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008037",
            url: "https://bugzilla.suse.com/1008037",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008038",
            url: "https://bugzilla.suse.com/1008038",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010940",
            url: "https://bugzilla.suse.com/1010940",
         },
         {
            category: "self",
            summary: "SUSE Bug 1019021",
            url: "https://bugzilla.suse.com/1019021",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038785",
            url: "https://bugzilla.suse.com/1038785",
         },
         {
            category: "self",
            summary: "SUSE Bug 1059235",
            url: "https://bugzilla.suse.com/1059235",
         },
         {
            category: "self",
            summary: "SUSE Bug 1099805",
            url: "https://bugzilla.suse.com/1099805",
         },
         {
            category: "self",
            summary: "SUSE Bug 1166389",
            url: "https://bugzilla.suse.com/1166389",
         },
         {
            category: "self",
            summary: "SUSE Bug 1171823",
            url: "https://bugzilla.suse.com/1171823",
         },
         {
            category: "self",
            summary: "SUSE Bug 1174145",
            url: "https://bugzilla.suse.com/1174145",
         },
         {
            category: "self",
            summary: "SUSE Bug 1174302",
            url: "https://bugzilla.suse.com/1174302",
         },
         {
            category: "self",
            summary: "SUSE Bug 1175993",
            url: "https://bugzilla.suse.com/1175993",
         },
         {
            category: "self",
            summary: "SUSE Bug 1177948",
            url: "https://bugzilla.suse.com/1177948",
         },
         {
            category: "self",
            summary: "SUSE Bug 1216854",
            url: "https://bugzilla.suse.com/1216854",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219002",
            url: "https://bugzilla.suse.com/1219002",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219887",
            url: "https://bugzilla.suse.com/1219887",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1220371",
            url: "https://bugzilla.suse.com/1220371",
         },
         {
            category: "self",
            summary: "SUSE Bug 1221092",
            url: "https://bugzilla.suse.com/1221092",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8647 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8647/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-9587 page",
            url: "https://www.suse.com/security/cve/CVE-2016-9587/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7550 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7550/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-10874 page",
            url: "https://www.suse.com/security/cve/CVE-2018-10874/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-14365 page",
            url: "https://www.suse.com/security/cve/CVE-2020-14365/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-5764 page",
            url: "https://www.suse.com/security/cve/CVE-2023-5764/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-0690 page",
            url: "https://www.suse.com/security/cve/CVE-2024-0690/",
         },
      ],
      title: "Security Beta update for SUSE Manager Client Tools and Salt",
      tracking: {
         current_release_date: "2024-04-24T09:10:16Z",
         generator: {
            date: "2024-04-24T09:10:16Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:1427-1",
         initial_release_date: "2024-04-24T09:10:16Z",
         revision_history: [
            {
               date: "2024-04-24T09:10:16Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                           product_id: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-159000.4.30.2.aarch64",
                        product: {
                           name: "grafana-9.5.16-159000.4.30.2.aarch64",
                           product_id: "grafana-9.5.16-159000.4.30.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-159000.3.8.1.aarch64",
                        product: {
                           name: "mgrctl-0.1.7-159000.3.8.1.aarch64",
                           product_id: "mgrctl-0.1.7-159000.3.8.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-159000.3.21.2.aarch64",
                        product: {
                           name: "uyuni-base-common-5.0.2-159000.3.21.2.aarch64",
                           product_id: "uyuni-base-common-5.0.2-159000.3.21.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-159000.3.21.2.aarch64",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-159000.3.21.2.aarch64",
                           product_id: "uyuni-base-proxy-5.0.2-159000.3.21.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-server-5.0.2-159000.3.21.2.aarch64",
                        product: {
                           name: "uyuni-base-server-5.0.2-159000.3.21.2.aarch64",
                           product_id: "uyuni-base-server-5.0.2-159000.3.21.2.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                        product: {
                           name: "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                           product_id: "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                        product: {
                           name: "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                           product_id: "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ansible-2.9.27-159000.3.12.2.noarch",
                        product: {
                           name: "ansible-2.9.27-159000.3.12.2.noarch",
                           product_id: "ansible-2.9.27-159000.3.12.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ansible-doc-2.9.27-159000.3.12.2.noarch",
                        product: {
                           name: "ansible-doc-2.9.27-159000.3.12.2.noarch",
                           product_id: "ansible-doc-2.9.27-159000.3.12.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ansible-test-2.9.27-159000.3.12.2.noarch",
                        product: {
                           name: "ansible-test-2.9.27-159000.3.12.2.noarch",
                           product_id: "ansible-test-2.9.27-159000.3.12.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                        product: {
                           name: "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                           product_id: "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                        product: {
                           name: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                           product_id: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                        product: {
                           name: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                           product_id: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                        product: {
                           name: "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                           product_id: "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                        product: {
                           name: "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                           product_id: "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                        product: {
                           name: "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                           product_id: "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacecmd-5.0.5-159000.6.48.2.noarch",
                        product: {
                           name: "spacecmd-5.0.5-159000.6.48.2.noarch",
                           product_id: "spacecmd-5.0.5-159000.6.48.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-check-5.0.4-159000.6.54.2.noarch",
                        product: {
                           name: "spacewalk-check-5.0.4-159000.6.54.2.noarch",
                           product_id: "spacewalk-check-5.0.4-159000.6.54.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                        product: {
                           name: "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                           product_id: "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                        product: {
                           name: "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                           product_id: "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                        product: {
                           name: "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                           product_id: "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.ppc64le",
                           product_id: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-159000.4.30.2.ppc64le",
                        product: {
                           name: "grafana-9.5.16-159000.4.30.2.ppc64le",
                           product_id: "grafana-9.5.16-159000.4.30.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-159000.3.8.1.ppc64le",
                        product: {
                           name: "mgrctl-0.1.7-159000.3.8.1.ppc64le",
                           product_id: "mgrctl-0.1.7-159000.3.8.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-159000.3.21.2.ppc64le",
                        product: {
                           name: "uyuni-base-common-5.0.2-159000.3.21.2.ppc64le",
                           product_id: "uyuni-base-common-5.0.2-159000.3.21.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-159000.3.21.2.ppc64le",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-159000.3.21.2.ppc64le",
                           product_id: "uyuni-base-proxy-5.0.2-159000.3.21.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-server-5.0.2-159000.3.21.2.ppc64le",
                        product: {
                           name: "uyuni-base-server-5.0.2-159000.3.21.2.ppc64le",
                           product_id: "uyuni-base-server-5.0.2-159000.3.21.2.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                           product_id: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-159000.4.30.2.s390x",
                        product: {
                           name: "grafana-9.5.16-159000.4.30.2.s390x",
                           product_id: "grafana-9.5.16-159000.4.30.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-159000.3.8.1.s390x",
                        product: {
                           name: "mgrctl-0.1.7-159000.3.8.1.s390x",
                           product_id: "mgrctl-0.1.7-159000.3.8.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-159000.3.21.2.s390x",
                        product: {
                           name: "uyuni-base-common-5.0.2-159000.3.21.2.s390x",
                           product_id: "uyuni-base-common-5.0.2-159000.3.21.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-159000.3.21.2.s390x",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-159000.3.21.2.s390x",
                           product_id: "uyuni-base-proxy-5.0.2-159000.3.21.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-server-5.0.2-159000.3.21.2.s390x",
                        product: {
                           name: "uyuni-base-server-5.0.2-159000.3.21.2.s390x",
                           product_id: "uyuni-base-server-5.0.2-159000.3.21.2.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                           product_id: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-159000.4.30.2.x86_64",
                        product: {
                           name: "grafana-9.5.16-159000.4.30.2.x86_64",
                           product_id: "grafana-9.5.16-159000.4.30.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-159000.3.8.1.x86_64",
                        product: {
                           name: "mgrctl-0.1.7-159000.3.8.1.x86_64",
                           product_id: "mgrctl-0.1.7-159000.3.8.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-159000.3.21.2.x86_64",
                        product: {
                           name: "uyuni-base-common-5.0.2-159000.3.21.2.x86_64",
                           product_id: "uyuni-base-common-5.0.2-159000.3.21.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-159000.3.21.2.x86_64",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-159000.3.21.2.x86_64",
                           product_id: "uyuni-base-proxy-5.0.2-159000.3.21.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-server-5.0.2-159000.3.21.2.x86_64",
                        product: {
                           name: "uyuni-base-server-5.0.2-159000.3.21.2.x86_64",
                           product_id: "uyuni-base-server-5.0.2-159000.3.21.2.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools 15-BETA",
                        product: {
                           name: "SUSE Manager Client Tools 15-BETA",
                           product_id: "SUSE Manager Client Tools 15-BETA",
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools Beta for SLE Micro 5",
                        product: {
                           name: "SUSE Manager Client Tools Beta for SLE Micro 5",
                           product_id: "SUSE Manager Client Tools Beta for SLE Micro 5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-manager-tools-beta-micro:5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
            },
            product_reference: "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
            },
            product_reference: "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-2.9.27-159000.3.12.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
            },
            product_reference: "ansible-2.9.27-159000.3.12.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-doc-2.9.27-159000.3.12.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
            },
            product_reference: "ansible-doc-2.9.27-159000.3.12.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-159000.4.30.2.aarch64 as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
            },
            product_reference: "grafana-9.5.16-159000.4.30.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-159000.4.30.2.ppc64le as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
            },
            product_reference: "grafana-9.5.16-159000.4.30.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-159000.4.30.2.s390x as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
            },
            product_reference: "grafana-9.5.16-159000.4.30.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-159000.4.30.2.x86_64 as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
            },
            product_reference: "grafana-9.5.16-159000.4.30.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.s390x as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
            },
            product_reference: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            },
            product_reference: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
            },
            product_reference: "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
            },
            product_reference: "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
            },
            product_reference: "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-5.0.5-159000.6.48.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
            },
            product_reference: "spacecmd-5.0.5-159000.6.48.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-check-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
            },
            product_reference: "spacewalk-check-5.0.4-159000.6.54.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
            },
            product_reference: "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
            },
            product_reference: "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch as component of SUSE Manager Client Tools 15-BETA",
               product_id: "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
            },
            product_reference: "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-159000.3.8.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
            },
            product_reference: "mgrctl-0.1.7-159000.3.8.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
            },
            product_reference: "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5",
               product_id: "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            },
            product_reference: "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools Beta for SLE Micro 5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2016-8647",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8647",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8647",
               url: "https://www.suse.com/security/cve/CVE-2016-8647",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008038 for CVE-2016-8647",
               url: "https://bugzilla.suse.com/1008038",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010940 for CVE-2016-8647",
               url: "https://bugzilla.suse.com/1010940",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "low",
            },
         ],
         title: "CVE-2016-8647",
      },
      {
         cve: "CVE-2016-9587",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-9587",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-9587",
               url: "https://www.suse.com/security/cve/CVE-2016-9587",
            },
            {
               category: "external",
               summary: "SUSE Bug 1019021 for CVE-2016-9587",
               url: "https://bugzilla.suse.com/1019021",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "important",
            },
         ],
         title: "CVE-2016-9587",
      },
      {
         cve: "CVE-2017-7550",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7550",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7550",
               url: "https://www.suse.com/security/cve/CVE-2017-7550",
            },
            {
               category: "external",
               summary: "SUSE Bug 1035124 for CVE-2017-7550",
               url: "https://bugzilla.suse.com/1035124",
            },
            {
               category: "external",
               summary: "SUSE Bug 1065872 for CVE-2017-7550",
               url: "https://bugzilla.suse.com/1065872",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "important",
            },
         ],
         title: "CVE-2017-7550",
      },
      {
         cve: "CVE-2018-10874",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-10874",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-10874",
               url: "https://www.suse.com/security/cve/CVE-2018-10874",
            },
            {
               category: "external",
               summary: "SUSE Bug 1097775 for CVE-2018-10874",
               url: "https://bugzilla.suse.com/1097775",
            },
            {
               category: "external",
               summary: "SUSE Bug 1099805 for CVE-2018-10874",
               url: "https://bugzilla.suse.com/1099805",
            },
            {
               category: "external",
               summary: "SUSE Bug 1099808 for CVE-2018-10874",
               url: "https://bugzilla.suse.com/1099808",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "important",
            },
         ],
         title: "CVE-2018-10874",
      },
      {
         cve: "CVE-2020-14365",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-14365",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-14365",
               url: "https://www.suse.com/security/cve/CVE-2020-14365",
            },
            {
               category: "external",
               summary: "SUSE Bug 1175993 for CVE-2020-14365",
               url: "https://bugzilla.suse.com/1175993",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "moderate",
            },
         ],
         title: "CVE-2020-14365",
      },
      {
         cve: "CVE-2023-5764",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-5764",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-5764",
               url: "https://www.suse.com/security/cve/CVE-2023-5764",
            },
            {
               category: "external",
               summary: "SUSE Bug 1216854 for CVE-2023-5764",
               url: "https://bugzilla.suse.com/1216854",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-5764",
      },
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-0690",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-0690",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
               "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
               "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
               "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
               "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-0690",
               url: "https://www.suse.com/security/cve/CVE-2024-0690",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219002 for CVE-2024-0690",
               url: "https://bugzilla.suse.com/1219002",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
                  "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
                  "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
                  "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:10:16Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-0690",
      },
   ],
}

suse-su-2024:1509-1

Vulnerability from csaf_suse

Published

2024-05-06 09:47

Modified

2024-05-06 09:47

Summary

Security update for SUSE Manager Client Tools

Notes

Title of the patch

Security update for SUSE Manager Client Tools

Description of the patch

This update fixes the following issues: POS_Image-Graphical7 was updated to version 0.1.1710765237.46af599: - Version 0.1.1710765237.46af599 * Moved image services to dracut-saltboot package * Use salt bundle - Version 0.1.1645440615.7f1328c * Removed deprecated kiwi functions POS_Image-JeOS7 was updated to version 0.1.1710765237.46af599: - Version 0.1.1710765237.46af599 * Moved image services to dracut-saltboot package * Use salt bundle - Version 0.1.1645440615.7f1328c * Removed deprecated kiwi functions ansible received the following fixes: - Security issues fixed: * CVE-2023-5764: Address issues where internal templating can cause unsafe variables to lose their unsafe designation (bsc#1216854) + Breaking changes: assert - Nested templating may result in an inability for the conditional to be evaluated. See the porting guide for more information. * CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002) * CVE-2020-14365: Ensure that packages are GPG validated (bsc#1175993) * CVE-2020-10744: Fixed insecure temporary directory creation (bsc#1171823) * CVE-2018-10874: Fixed inventory variables loading from current working directory when running ad-hoc command that can lead to code execution (bsc#1099805) - Bugs fixed: * Don't Require python-coverage, it is needed only for testing (bsc#1177948) dracut-saltboot was updated to version 0.1.1710765237.46af599: - Version 0.1.1710765237.46af599 * Load only first available leaseinfo (bsc#1221092) - Version 0.1.1681904360.84ef141 grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) - Other non-security related changes: * Version 9.5.17: + [FEATURE] Alerting: Backport use Alertmanager API v2 * Version 9.5.16: + [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Version 9.5.15: + [FEATURE] Alerting: Attempt to retry retryable errors * Version 9.5.14: + [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error + [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied + [BUGFIX] LDAP: Fix enable users on successfull login * Version 9.5.13: + [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder + [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Version 9.5.12: + [FEATURE] Azure: Add support for Workload Identity authentication * Version 9.5.9: + [FEATURE] SSE: Fix DSNode to not panic when response has empty response + [FEATURE] Prometheus: Handle the response with different field key order + [BUGFIX] LDAP: Fix user disabling mgr-daemon was updated to version 4.3.9-0: - Version 4.3.9-0 * Update translation strings spacecmd was updated to version 4.3.27-0: - Version 4.3.27-0 * Update translation strings spacewalk-client-tools was updated to version 4.3.19-0: - Version 4.3.19-0 * Update translation strings spacewalk-koan was updated to version version 4.3.6-0: - Version 4.3.6-0 * Change Docker image location for test uyuni-common-libs was updated to version 4.3.10-0: - Version 4.3.10-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-proxy-systemd-services was updated to version 4.3.12-0: - Version 4.3.12-0 * Update to SUSE Manager 4.3.12

Patchnames

SUSE-2024-1509,SUSE-SLE-Manager-Tools-15-2024-1509,SUSE-SLE-Manager-Tools-For-Micro-5-2024-1509,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1509,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-1509,openSUSE-SLE-15.5-2024-1509

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for SUSE Manager Client Tools",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update fixes the following issues:\n\nPOS_Image-Graphical7 was updated to version 0.1.1710765237.46af599:\n\n- Version 0.1.1710765237.46af599\n\n  * Moved image services to dracut-saltboot package\n  * Use salt bundle\n\n- Version 0.1.1645440615.7f1328c\n\n  * Removed deprecated kiwi functions\n\nPOS_Image-JeOS7 was updated to version 0.1.1710765237.46af599:\n\n- Version 0.1.1710765237.46af599\n\n  * Moved image services to dracut-saltboot package\n  * Use salt bundle\n\n- Version 0.1.1645440615.7f1328c\n\n  * Removed deprecated kiwi functions\n\nansible received the following fixes:\n\n- Security issues fixed:\n\n  * CVE-2023-5764: Address issues where internal templating can cause unsafe\n    variables to lose their unsafe designation (bsc#1216854)\n\n    + Breaking changes:\n      assert - Nested templating may result in an inability for the conditional\n      to be evaluated. See the porting guide for more information.\n\n  * CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002)\n  * CVE-2020-14365: Ensure that packages are GPG validated (bsc#1175993)\n  * CVE-2020-10744: Fixed insecure temporary directory creation (bsc#1171823)\n  * CVE-2018-10874: Fixed inventory variables loading from current working directory when running ad-hoc command that\n    can lead to code execution (bsc#1099805)\n\n- Bugs fixed:  \n\n  * Don't Require python-coverage, it is needed only for testing (bsc#1177948)\n\ndracut-saltboot was updated to version 0.1.1710765237.46af599:\n\n- Version 0.1.1710765237.46af599\n\n  * Load only first available leaseinfo (bsc#1221092)\n\n- Version 0.1.1681904360.84ef141\n\ngrafana was updated to version 9.5.18:\n\n- Grafana now requires Go 1.20\n- Security issues fixed:\n\n  * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155)\n  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n\n- Other non-security related changes:\n\n  * Version 9.5.17:\n\n    + [FEATURE] Alerting: Backport use Alertmanager API v2\n\n  * Version 9.5.16:\n\n    + [BUGFIX] Annotations: Split cleanup into separate queries and\n      deletes to avoid deadlocks on MySQL\n\n  * Version 9.5.15:\n\n    + [FEATURE] Alerting: Attempt to retry retryable errors\n\n  * Version 9.5.14:\n\n    + [BUGFIX] Alerting: Fix state manager to not keep\n      datasource_uid and ref_id labels in state after Error\n    + [BUGFIX] Transformations: Config overrides being lost when\n      config from query transform is applied\n    + [BUGFIX] LDAP: Fix enable users on successfull login\n\n  * Version 9.5.13:\n\n    + [BUGFIX] BrowseDashboards: Only remember the most recent\n      expanded folder\n    + [BUGFIX] Licensing: Pass func to update env variables when\n      starting plugin\n\n  * Version 9.5.12:\n\n    + [FEATURE] Azure: Add support for Workload Identity\n      authentication\n\n  * Version 9.5.9:\n\n    + [FEATURE] SSE: Fix DSNode to not panic when response has empty\n      response\n    + [FEATURE] Prometheus: Handle the response with different field\n      key order\n    + [BUGFIX] LDAP: Fix user disabling\n\nmgr-daemon was updated to version 4.3.9-0:\n\n- Version 4.3.9-0\n\n  * Update translation strings\n\nspacecmd was updated to version 4.3.27-0:\n\n- Version 4.3.27-0\n\n  * Update translation strings\n\nspacewalk-client-tools was updated to version 4.3.19-0:\n\n- Version 4.3.19-0\n\n  * Update translation strings\n\nspacewalk-koan was updated to version version 4.3.6-0:\n\n- Version 4.3.6-0\n\n  * Change Docker image location for test\n\nuyuni-common-libs was updated to version 4.3.10-0:\n\n- Version 4.3.10-0\n\n  * Add support for package signature type V4 RSA/SHA384\n  * Add support for package signature type V4 RSA/SHA512 (bsc#1221465)\n\nuyuni-proxy-systemd-services was updated to version 4.3.12-0:\n\n- Version 4.3.12-0\n\n  * Update to SUSE Manager 4.3.12\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-1509,SUSE-SLE-Manager-Tools-15-2024-1509,SUSE-SLE-Manager-Tools-For-Micro-5-2024-1509,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1509,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-1509,openSUSE-SLE-15.5-2024-1509",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1509-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:1509-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241509-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:1509-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-May/035168.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008037",
            url: "https://bugzilla.suse.com/1008037",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008038",
            url: "https://bugzilla.suse.com/1008038",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010940",
            url: "https://bugzilla.suse.com/1010940",
         },
         {
            category: "self",
            summary: "SUSE Bug 1019021",
            url: "https://bugzilla.suse.com/1019021",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038785",
            url: "https://bugzilla.suse.com/1038785",
         },
         {
            category: "self",
            summary: "SUSE Bug 1059235",
            url: "https://bugzilla.suse.com/1059235",
         },
         {
            category: "self",
            summary: "SUSE Bug 1099805",
            url: "https://bugzilla.suse.com/1099805",
         },
         {
            category: "self",
            summary: "SUSE Bug 1166389",
            url: "https://bugzilla.suse.com/1166389",
         },
         {
            category: "self",
            summary: "SUSE Bug 1171823",
            url: "https://bugzilla.suse.com/1171823",
         },
         {
            category: "self",
            summary: "SUSE Bug 1174145",
            url: "https://bugzilla.suse.com/1174145",
         },
         {
            category: "self",
            summary: "SUSE Bug 1174302",
            url: "https://bugzilla.suse.com/1174302",
         },
         {
            category: "self",
            summary: "SUSE Bug 1175993",
            url: "https://bugzilla.suse.com/1175993",
         },
         {
            category: "self",
            summary: "SUSE Bug 1177948",
            url: "https://bugzilla.suse.com/1177948",
         },
         {
            category: "self",
            summary: "SUSE Bug 1216854",
            url: "https://bugzilla.suse.com/1216854",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219002",
            url: "https://bugzilla.suse.com/1219002",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1221092",
            url: "https://bugzilla.suse.com/1221092",
         },
         {
            category: "self",
            summary: "SUSE Bug 1221465",
            url: "https://bugzilla.suse.com/1221465",
         },
         {
            category: "self",
            summary: "SUSE Bug 1222155",
            url: "https://bugzilla.suse.com/1222155",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8614 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8614/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8628 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8628/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8647 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8647/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-9587 page",
            url: "https://www.suse.com/security/cve/CVE-2016-9587/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7550 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7550/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-10874 page",
            url: "https://www.suse.com/security/cve/CVE-2018-10874/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-10744 page",
            url: "https://www.suse.com/security/cve/CVE-2020-10744/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-14330 page",
            url: "https://www.suse.com/security/cve/CVE-2020-14330/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-14332 page",
            url: "https://www.suse.com/security/cve/CVE-2020-14332/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-14365 page",
            url: "https://www.suse.com/security/cve/CVE-2020-14365/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2020-1753 page",
            url: "https://www.suse.com/security/cve/CVE-2020-1753/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-5764 page",
            url: "https://www.suse.com/security/cve/CVE-2023-5764/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-0690 page",
            url: "https://www.suse.com/security/cve/CVE-2024-0690/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-1313 page",
            url: "https://www.suse.com/security/cve/CVE-2024-1313/",
         },
      ],
      title: "Security update for SUSE Manager Client Tools",
      tracking: {
         current_release_date: "2024-05-06T09:47:44Z",
         generator: {
            date: "2024-05-06T09:47:44Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:1509-1",
         initial_release_date: "2024-05-06T09:47:44Z",
         revision_history: [
            {
               date: "2024-05-06T09:47:44Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                           product_id: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150000.1.63.2.aarch64",
                        product: {
                           name: "grafana-9.5.18-150000.1.63.2.aarch64",
                           product_id: "grafana-9.5.18-150000.1.63.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                           product_id: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                        product: {
                           name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                           product_id: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.i586",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.i586",
                           product_id: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150000.1.63.2.i586",
                        product: {
                           name: "grafana-9.5.18-150000.1.63.2.i586",
                           product_id: "grafana-9.5.18-150000.1.63.2.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.i586",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.i586",
                           product_id: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.i586",
                        product: {
                           name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.i586",
                           product_id: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                        product: {
                           name: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                           product_id: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                        product: {
                           name: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                           product_id: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ansible-2.9.27-150000.1.17.2.noarch",
                        product: {
                           name: "ansible-2.9.27-150000.1.17.2.noarch",
                           product_id: "ansible-2.9.27-150000.1.17.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ansible-doc-2.9.27-150000.1.17.2.noarch",
                        product: {
                           name: "ansible-doc-2.9.27-150000.1.17.2.noarch",
                           product_id: "ansible-doc-2.9.27-150000.1.17.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ansible-test-2.9.27-150000.1.17.2.noarch",
                        product: {
                           name: "ansible-test-2.9.27-150000.1.17.2.noarch",
                           product_id: "ansible-test-2.9.27-150000.1.17.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                        product: {
                           name: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                           product_id: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgr-daemon-4.3.9-150000.1.47.2.noarch",
                        product: {
                           name: "mgr-daemon-4.3.9-150000.1.47.2.noarch",
                           product_id: "mgr-daemon-4.3.9-150000.1.47.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                        product: {
                           name: "python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                           product_id: "python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                        product: {
                           name: "python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                           product_id: "python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                        product: {
                           name: "python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                           product_id: "python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                        product: {
                           name: "python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                           product_id: "python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacecmd-4.3.27-150000.3.116.2.noarch",
                        product: {
                           name: "spacecmd-4.3.27-150000.3.116.2.noarch",
                           product_id: "spacecmd-4.3.27-150000.3.116.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-check-4.3.19-150000.3.89.2.noarch",
                        product: {
                           name: "spacewalk-check-4.3.19-150000.3.89.2.noarch",
                           product_id: "spacewalk-check-4.3.19-150000.3.89.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                        product: {
                           name: "spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                           product_id: "spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                        product: {
                           name: "spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                           product_id: "spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                        product: {
                           name: "spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                           product_id: "spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                        product: {
                           name: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                           product_id: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                           product_id: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150000.1.63.2.ppc64le",
                        product: {
                           name: "grafana-9.5.18-150000.1.63.2.ppc64le",
                           product_id: "grafana-9.5.18-150000.1.63.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                           product_id: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                        product: {
                           name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                           product_id: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                           product_id: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150000.1.63.2.s390x",
                        product: {
                           name: "grafana-9.5.18-150000.1.63.2.s390x",
                           product_id: "grafana-9.5.18-150000.1.63.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                           product_id: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                        product: {
                           name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                           product_id: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                           product_id: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150000.1.63.2.x86_64",
                        product: {
                           name: "grafana-9.5.18-150000.1.63.2.x86_64",
                           product_id: "grafana-9.5.18-150000.1.63.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                           product_id: "python2-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                        product: {
                           name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                           product_id: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools 15",
                        product: {
                           name: "SUSE Manager Client Tools 15",
                           product_id: "SUSE Manager Client Tools 15",
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools for SLE Micro 5",
                        product: {
                           name: "SUSE Manager Client Tools for SLE Micro 5",
                           product_id: "SUSE Manager Client Tools for SLE Micro 5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-manager-tools-micro:5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                           product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:packagehub:15:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Manager Proxy Module 4.3",
                        product: {
                           name: "SUSE Manager Proxy Module 4.3",
                           product_id: "SUSE Manager Proxy Module 4.3",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.5",
                        product: {
                           name: "openSUSE Leap 15.5",
                           product_id: "openSUSE Leap 15.5",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            },
            product_reference: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            },
            product_reference: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-2.9.27-150000.1.17.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-doc-2.9.27-150000.1.17.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-doc-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150000.1.63.2.aarch64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
            },
            product_reference: "grafana-9.5.18-150000.1.63.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150000.1.63.2.ppc64le as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
            },
            product_reference: "grafana-9.5.18-150000.1.63.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150000.1.63.2.s390x as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
            },
            product_reference: "grafana-9.5.18-150000.1.63.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150000.1.63.2.x86_64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
            },
            product_reference: "grafana-9.5.18-150000.1.63.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgr-daemon-4.3.9-150000.1.47.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
            },
            product_reference: "mgr-daemon-4.3.9-150000.1.47.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-check-4.3.19-150000.3.89.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
            },
            product_reference: "python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
            },
            product_reference: "python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
            },
            product_reference: "python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
            },
            product_reference: "python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
            },
            product_reference: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
            },
            product_reference: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
            },
            product_reference: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
            },
            product_reference: "python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-4.3.27-150000.3.116.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
            },
            product_reference: "spacecmd-4.3.27-150000.3.116.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-check-4.3.19-150000.3.89.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
            },
            product_reference: "spacewalk-check-4.3.19-150000.3.89.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-setup-4.3.19-150000.3.89.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
            },
            product_reference: "spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-tools-4.3.19-150000.3.89.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
            },
            product_reference: "spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-koan-4.3.6-150000.3.33.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
            },
            product_reference: "spacewalk-koan-4.3.6-150000.3.33.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
            },
            product_reference: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
            },
            product_reference: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-2.9.27-150000.1.17.2.noarch as component of SUSE Manager Proxy Module 4.3",
               product_id: "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "SUSE Manager Proxy Module 4.3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-doc-2.9.27-150000.1.17.2.noarch as component of SUSE Manager Proxy Module 4.3",
               product_id: "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-doc-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "SUSE Manager Proxy Module 4.3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch as component of SUSE Manager Proxy Module 4.3",
               product_id: "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
            },
            product_reference: "uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
            relates_to_product_reference: "SUSE Manager Proxy Module 4.3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            },
            product_reference: "POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            },
            product_reference: "POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-2.9.27-150000.1.17.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-doc-2.9.27-150000.1.17.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-doc-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "ansible-test-2.9.27-150000.1.17.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
            },
            product_reference: "ansible-test-2.9.27-150000.1.17.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64 as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64 as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-4.3.27-150000.3.116.2.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            },
            product_reference: "spacecmd-4.3.27-150000.3.116.2.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2016-8614",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8614",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in Ansible before version 2.2.0. The apt_key module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8614",
               url: "https://www.suse.com/security/cve/CVE-2016-8614",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008038 for CVE-2016-8614",
               url: "https://bugzilla.suse.com/1008038",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-8614",
      },
      {
         cve: "CVE-2016-8628",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8628",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8628",
               url: "https://www.suse.com/security/cve/CVE-2016-8628",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008037 for CVE-2016-8628",
               url: "https://bugzilla.suse.com/1008037",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-8628",
      },
      {
         cve: "CVE-2016-8647",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8647",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8647",
               url: "https://www.suse.com/security/cve/CVE-2016-8647",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008038 for CVE-2016-8647",
               url: "https://bugzilla.suse.com/1008038",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010940 for CVE-2016-8647",
               url: "https://bugzilla.suse.com/1010940",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "low",
            },
         ],
         title: "CVE-2016-8647",
      },
      {
         cve: "CVE-2016-9587",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-9587",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-9587",
               url: "https://www.suse.com/security/cve/CVE-2016-9587",
            },
            {
               category: "external",
               summary: "SUSE Bug 1019021 for CVE-2016-9587",
               url: "https://bugzilla.suse.com/1019021",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "important",
            },
         ],
         title: "CVE-2016-9587",
      },
      {
         cve: "CVE-2017-7550",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7550",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7550",
               url: "https://www.suse.com/security/cve/CVE-2017-7550",
            },
            {
               category: "external",
               summary: "SUSE Bug 1035124 for CVE-2017-7550",
               url: "https://bugzilla.suse.com/1035124",
            },
            {
               category: "external",
               summary: "SUSE Bug 1065872 for CVE-2017-7550",
               url: "https://bugzilla.suse.com/1065872",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "important",
            },
         ],
         title: "CVE-2017-7550",
      },
      {
         cve: "CVE-2018-10874",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-10874",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-10874",
               url: "https://www.suse.com/security/cve/CVE-2018-10874",
            },
            {
               category: "external",
               summary: "SUSE Bug 1097775 for CVE-2018-10874",
               url: "https://bugzilla.suse.com/1097775",
            },
            {
               category: "external",
               summary: "SUSE Bug 1099805 for CVE-2018-10874",
               url: "https://bugzilla.suse.com/1099805",
            },
            {
               category: "external",
               summary: "SUSE Bug 1099808 for CVE-2018-10874",
               url: "https://bugzilla.suse.com/1099808",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "important",
            },
         ],
         title: "CVE-2018-10874",
      },
      {
         cve: "CVE-2020-10744",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-10744",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-10744",
               url: "https://www.suse.com/security/cve/CVE-2020-10744",
            },
            {
               category: "external",
               summary: "SUSE Bug 1171823 for CVE-2020-10744",
               url: "https://bugzilla.suse.com/1171823",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2020-10744",
      },
      {
         cve: "CVE-2020-14330",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-14330",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-14330",
               url: "https://www.suse.com/security/cve/CVE-2020-14330",
            },
            {
               category: "external",
               summary: "SUSE Bug 1174145 for CVE-2020-14330",
               url: "https://bugzilla.suse.com/1174145",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2020-14330",
      },
      {
         cve: "CVE-2020-14332",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-14332",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-14332",
               url: "https://www.suse.com/security/cve/CVE-2020-14332",
            },
            {
               category: "external",
               summary: "SUSE Bug 1174302 for CVE-2020-14332",
               url: "https://bugzilla.suse.com/1174302",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2020-14332",
      },
      {
         cve: "CVE-2020-14365",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-14365",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-14365",
               url: "https://www.suse.com/security/cve/CVE-2020-14365",
            },
            {
               category: "external",
               summary: "SUSE Bug 1175993 for CVE-2020-14365",
               url: "https://bugzilla.suse.com/1175993",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2020-14365",
      },
      {
         cve: "CVE-2020-1753",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2020-1753",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2020-1753",
               url: "https://www.suse.com/security/cve/CVE-2020-1753",
            },
            {
               category: "external",
               summary: "SUSE Bug 1166389 for CVE-2020-1753",
               url: "https://bugzilla.suse.com/1166389",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2020-1753",
      },
      {
         cve: "CVE-2023-5764",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-5764",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-5764",
               url: "https://www.suse.com/security/cve/CVE-2023-5764",
            },
            {
               category: "external",
               summary: "SUSE Bug 1216854 for CVE-2023-5764",
               url: "https://bugzilla.suse.com/1216854",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-5764",
      },
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-0690",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-0690",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-0690",
               url: "https://www.suse.com/security/cve/CVE-2024-0690",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219002 for CVE-2024-0690",
               url: "https://bugzilla.suse.com/1219002",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-0690",
      },
      {
         cve: "CVE-2024-1313",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
         ],
         notes: [
            {
               category: "general",
               text: "It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.\n\nGrafana Labs would like to thank Ravid Mazon and Jay Chen of Palo \nAlto Research for discovering and disclosing this vulnerability.\n\nThis issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
               "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
               "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
               "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
               "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
               "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
               "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
               "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
               "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
               "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
               "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-1313",
               url: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
            {
               category: "external",
               summary: "SUSE Bug 1222155 for CVE-2024-1313",
               url: "https://bugzilla.suse.com/1222155",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "SUSE Manager Client Tools 15:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.aarch64",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.s390x",
                  "SUSE Manager Client Tools 15:grafana-9.5.18-150000.1.63.2.x86_64",
                  "SUSE Manager Client Tools 15:mgr-daemon-4.3.9-150000.1.47.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:python3-spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.aarch64",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.ppc64le",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.s390x",
                  "SUSE Manager Client Tools 15:python3-uyuni-common-libs-4.3.10-150000.1.39.2.x86_64",
                  "SUSE Manager Client Tools 15:spacecmd-4.3.27-150000.3.116.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-check-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.19-150000.3.89.2.noarch",
                  "SUSE Manager Client Tools 15:spacewalk-koan-4.3.6-150000.3.33.2.noarch",
                  "SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.12-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2.noarch",
                  "openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2.noarch",
                  "openSUSE Leap 15.5:dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2.noarch",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.aarch64",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.ppc64le",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.s390x",
                  "openSUSE Leap 15.5:golang-github-prometheus-promu-0.14.0-150000.3.18.2.x86_64",
                  "openSUSE Leap 15.5:spacecmd-4.3.27-150000.3.116.2.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:47:44Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-1313",
      },
   ],
}

suse-su-2024:1508-1

Vulnerability from csaf_suse

Published

2024-05-06 09:46

Modified

2024-05-06 09:46

Summary

Security update for SUSE Manager Client Tools

Notes

Title of the patch

Security update for SUSE Manager Client Tools

Description of the patch

This update fixes the following issues: golang-github-prometheus-node_exporter: - Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 - Update to 1.6.1: (no source code changes in this release) - BuildRequire go1.20 - Update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Enable uname collector on NetBSD #2559 * [FEATURE] NetBSD support for the meminfo collector #2570 * [FEATURE] NetBSD support for CPU collector #2626 * [FEATURE] Add FreeBSD collector for netisr subsystem #2668 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise @2554 * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD 2584 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637 * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663 - Change go_modules archive in _service to use obscpio file grafana: - Packaging improvements: * Changed deprecated `disabled` service mode to `manual` * Drop golang-packaging macros * Drop explicit mod=vendor as it is enabled automatically - Update to version 9.5.18: * [SECURITY] CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) - Update to version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 - Require Go 1.20 - Update to version 9.5.16: * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL - Update to version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors - Update to version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login - Update to version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin - Update to version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication - Update to version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling mgr-daemon: - Version 4.3.9-0 * Update translation strings spacecmd: - Version 4.3.27-0 * Update translation strings spacewalk-client-tools: - Version 4.3.19-0 * Update translation strings spacewalk-koan: - Version 4.3.6-0 * Change Docker image location for test uyuni-common-libs: - Version 4.3.10-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465)

Patchnames

SUSE-2024-1508,SUSE-SLE-Manager-Tools-12-2024-1508,SUSE-SLE-SERVER-12-SP5-2024-1508

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for SUSE Manager Client Tools",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\nThis update fixes the following issues:\n\ngolang-github-prometheus-node_exporter:\n\n- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):\n  * [FEATURE] Add ZFS freebsd per dataset stats #2753\n  * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721\n  * [ENHANCEMENT] Parallelize stat calls in Linux filesystem\n    collector #1772\n  * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711\n  * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric\n    #2778\n  * [ENHANCEMENT] Improve qdisc collector performance #2779\n  * [ENHANCEMENT] Add include and exclude filter for hwmon\n    collector #2699\n  * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead\n    of procfs #2777\n  * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754\n  * [BUGFIX] Fallback to 32-bit stats in netdev #2757\n  * [BUGFIX] Close btrfs.FS handle after use #2780\n  * [BUGFIX] Move RO status before error return #2807\n  * [BUFFIX] Fix promhttp_metric_handler_errors_total being always\n    active #2808\n  * [BUGFIX] Fix nfsd v4 index miss #2824\n- Update to 1.6.1:\n  (no source code changes in this release)\n- BuildRequire go1.20\n- Update to 1.6.0:\n  * [CHANGE] Fix cpustat when some cpus are offline #2318\n  * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605\n  * [CHANGE] Deprecate ntp collector #2603\n  * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583\n  * [CHANGE] Deprecate supervisord collector #2685\n  * [FEATURE] Enable uname collector on NetBSD #2559\n  * [FEATURE] NetBSD support for the meminfo collector #2570\n  * [FEATURE] NetBSD support for CPU collector #2626\n  * [FEATURE] Add FreeBSD collector for netisr subsystem #2668\n  * [FEATURE] Add softirqs collector #2669\n  * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449\n  * [ENHANCEMENT] Add administrative state of Linux network\n    interfaces #2515\n  * [ENHANCEMENT] Log current value of GOMAXPROCS #2537\n  * [ENHANCEMENT] Add profiler options for perf collector #2542\n  * [ENHANCEMENT] Allow root path as metrics path #2590\n  * [ENHANCEMENT] Add cpu frequency governor metrics #2569\n  * [ENHANCEMENT] Add new landing page #2622\n  * [ENHANCEMENT] Reduce privileges needed for btrfs device stats\n    #2634\n  * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687\n  * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats\n    #2612\n  * [ENHANCEMENT] Read missing from netlink netclass attributes\n    from sysfs #2669\n  * [BUGFIX] perf: fixes for automatically detecting the correct\n    tracefs mountpoints #2553\n  * [BUGFIX] Fix `thermal_zone` collector noise @2554\n  * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD\n    2584\n  * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631\n  * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605\n  * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637\n  * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in\n    OpenBSD #2663\n- Change go_modules archive in _service to use obscpio file\n\ngrafana:\n\n- Packaging improvements:\n  * Changed deprecated `disabled` service mode to `manual`\n  * Drop golang-packaging macros\n  * Drop explicit mod=vendor as it is enabled automatically\n- Update to version 9.5.18:\n  * [SECURITY] CVE-2024-1313: Require same organisation when\n    deleting snapshots (bsc#1222155)\n- Update to version 9.5.17:\n  * [FEATURE] Alerting: Backport use Alertmanager API v2\n- Require Go 1.20\n- Update to version 9.5.16:\n  * [SECURITY] CVE-2023-6152: Add email verification when updating\n    user email (bsc#1219912)\n  * [BUGFIX] Annotations: Split cleanup into separate queries and\n    deletes to avoid deadlocks on MySQL\n- Update to version 9.5.15:\n  * [FEATURE] Alerting: Attempt to retry retryable errors\n- Update to version 9.5.14:\n  * [BUGFIX] Alerting: Fix state manager to not keep\n    datasource_uid and ref_id labels in state after Error\n  * [BUGFIX] Transformations: Config overrides being lost when\n    config from query transform is applied\n  * [BUGFIX] LDAP: Fix enable users on successfull login\n- Update to version 9.5.13:\n  * [BUGFIX] BrowseDashboards: Only remember the most recent\n    expanded folder\n  * [BUGFIX] Licensing: Pass func to update env variables when\n    starting plugin\n- Update to version 9.5.12:\n  * [FEATURE] Azure: Add support for Workload Identity\n    authentication\n- Update to version 9.5.9:\n  * [FEATURE] SSE: Fix DSNode to not panic when response has empty\n    response\n  * [FEATURE] Prometheus: Handle the response with different field\n    key order\n  * [BUGFIX] LDAP: Fix user disabling\n\nmgr-daemon:\n\n- Version 4.3.9-0\n  * Update translation strings\n\nspacecmd:\n\n- Version 4.3.27-0\n  * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 4.3.19-0\n  * Update translation strings\n\nspacewalk-koan:\n\n- Version 4.3.6-0\n  * Change Docker image location for test\n\nuyuni-common-libs:\n\n- Version 4.3.10-0\n  * Add support for package signature type V4 RSA/SHA384\n  * Add support for package signature type V4 RSA/SHA512 (bsc#1221465)\n\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-1508,SUSE-SLE-Manager-Tools-12-2024-1508,SUSE-SLE-SERVER-12-SP5-2024-1508",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1508-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:1508-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241508-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:1508-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-May/035169.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1221465",
            url: "https://bugzilla.suse.com/1221465",
         },
         {
            category: "self",
            summary: "SUSE Bug 1222155",
            url: "https://bugzilla.suse.com/1222155",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-1313 page",
            url: "https://www.suse.com/security/cve/CVE-2024-1313/",
         },
      ],
      title: "Security update for SUSE Manager Client Tools",
      tracking: {
         current_release_date: "2024-05-06T09:46:36Z",
         generator: {
            date: "2024-05-06T09:46:36Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:1508-1",
         initial_release_date: "2024-05-06T09:46:36Z",
         revision_history: [
            {
               date: "2024-05-06T09:46:36Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                           product_id: "golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-1.63.1.aarch64",
                        product: {
                           name: "grafana-9.5.18-1.63.1.aarch64",
                           product_id: "grafana-9.5.18-1.63.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                           product_id: "python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.i586",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.i586",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.i586",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.i586",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-1.18.1.i586",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-1.18.1.i586",
                           product_id: "golang-github-prometheus-promu-0.14.0-1.18.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-1.63.1.i586",
                        product: {
                           name: "grafana-9.5.18-1.63.1.i586",
                           product_id: "grafana-9.5.18-1.63.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-1.39.1.i586",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-1.39.1.i586",
                           product_id: "python2-uyuni-common-libs-4.3.10-1.39.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mgr-daemon-4.3.9-1.47.1.noarch",
                        product: {
                           name: "mgr-daemon-4.3.9-1.47.1.noarch",
                           product_id: "mgr-daemon-4.3.9-1.47.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-check-4.3.19-52.98.1.noarch",
                        product: {
                           name: "python2-spacewalk-check-4.3.19-52.98.1.noarch",
                           product_id: "python2-spacewalk-check-4.3.19-52.98.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                        product: {
                           name: "python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                           product_id: "python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                        product: {
                           name: "python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                           product_id: "python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                        product: {
                           name: "python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                           product_id: "python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacecmd-4.3.27-38.139.1.noarch",
                        product: {
                           name: "spacecmd-4.3.27-38.139.1.noarch",
                           product_id: "spacecmd-4.3.27-38.139.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-check-4.3.19-52.98.1.noarch",
                        product: {
                           name: "spacewalk-check-4.3.19-52.98.1.noarch",
                           product_id: "spacewalk-check-4.3.19-52.98.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-setup-4.3.19-52.98.1.noarch",
                        product: {
                           name: "spacewalk-client-setup-4.3.19-52.98.1.noarch",
                           product_id: "spacewalk-client-setup-4.3.19-52.98.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-tools-4.3.19-52.98.1.noarch",
                        product: {
                           name: "spacewalk-client-tools-4.3.19-52.98.1.noarch",
                           product_id: "spacewalk-client-tools-4.3.19-52.98.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-koan-4.3.6-24.36.1.noarch",
                        product: {
                           name: "spacewalk-koan-4.3.6-24.36.1.noarch",
                           product_id: "spacewalk-koan-4.3.6-24.36.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                           product_id: "golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-1.63.1.ppc64le",
                        product: {
                           name: "grafana-9.5.18-1.63.1.ppc64le",
                           product_id: "grafana-9.5.18-1.63.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                           product_id: "python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-1.39.1.s390",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-1.39.1.s390",
                           product_id: "python2-uyuni-common-libs-4.3.10-1.39.1.s390",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                           product_id: "golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-1.63.1.s390x",
                        product: {
                           name: "grafana-9.5.18-1.63.1.s390x",
                           product_id: "grafana-9.5.18-1.63.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                           product_id: "python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                           product_id: "golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-1.63.1.x86_64",
                        product: {
                           name: "grafana-9.5.18-1.63.1.x86_64",
                           product_id: "grafana-9.5.18-1.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                        product: {
                           name: "python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                           product_id: "python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools 12",
                        product: {
                           name: "SUSE Manager Client Tools 12",
                           product_id: "SUSE Manager Client Tools 12",
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 12 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Server 12 SP5",
                           product_id: "SUSE Linux Enterprise Server 12 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles:12:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:12:sp5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-1.18.1.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-1.18.1.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-1.18.1.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-1.63.1.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
            },
            product_reference: "grafana-9.5.18-1.63.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-1.63.1.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
            },
            product_reference: "grafana-9.5.18-1.63.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-1.63.1.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
            },
            product_reference: "grafana-9.5.18-1.63.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-1.63.1.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
            },
            product_reference: "grafana-9.5.18-1.63.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgr-daemon-4.3.9-1.47.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
            },
            product_reference: "mgr-daemon-4.3.9-1.47.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-check-4.3.19-52.98.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
            },
            product_reference: "python2-spacewalk-check-4.3.19-52.98.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-client-setup-4.3.19-52.98.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
            },
            product_reference: "python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-client-tools-4.3.19-52.98.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
            },
            product_reference: "python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-koan-4.3.6-24.36.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
            },
            product_reference: "python2-spacewalk-koan-4.3.6-24.36.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-uyuni-common-libs-4.3.10-1.39.1.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
            },
            product_reference: "python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
            },
            product_reference: "python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-uyuni-common-libs-4.3.10-1.39.1.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
            },
            product_reference: "python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-uyuni-common-libs-4.3.10-1.39.1.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
            },
            product_reference: "python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-4.3.27-38.139.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
            },
            product_reference: "spacecmd-4.3.27-38.139.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-check-4.3.19-52.98.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
            },
            product_reference: "spacewalk-check-4.3.19-52.98.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-setup-4.3.19-52.98.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
            },
            product_reference: "spacewalk-client-setup-4.3.19-52.98.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-tools-4.3.19-52.98.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
            },
            product_reference: "spacewalk-client-tools-4.3.19-52.98.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-koan-4.3.6-24.36.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
            },
            product_reference: "spacewalk-koan-4.3.6-24.36.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
               product_id: "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
               "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
               "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
                  "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                  "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
                  "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                  "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:46:36Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-1313",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
         ],
         notes: [
            {
               category: "general",
               text: "It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.\n\nGrafana Labs would like to thank Ravid Mazon and Jay Chen of Palo \nAlto Research for discovering and disclosing this vulnerability.\n\nThis issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
               "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
               "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
               "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
               "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
               "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
               "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-1313",
               url: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
            {
               category: "external",
               summary: "SUSE Bug 1222155 for CVE-2024-1313",
               url: "https://bugzilla.suse.com/1222155",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
                  "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                  "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP5:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.27.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-node_exporter-1.7.0-1.30.2.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.14.0-1.18.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.aarch64",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.s390x",
                  "SUSE Manager Client Tools 12:grafana-9.5.18-1.63.1.x86_64",
                  "SUSE Manager Client Tools 12:mgr-daemon-4.3.9-1.47.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:python2-spacewalk-koan-4.3.6-24.36.1.noarch",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.aarch64",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.ppc64le",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.s390x",
                  "SUSE Manager Client Tools 12:python2-uyuni-common-libs-4.3.10-1.39.1.x86_64",
                  "SUSE Manager Client Tools 12:spacecmd-4.3.27-38.139.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-check-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.19-52.98.1.noarch",
                  "SUSE Manager Client Tools 12:spacewalk-koan-4.3.6-24.36.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:46:36Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-1313",
      },
   ],
}

suse-su-2024:1530-2

Vulnerability from csaf_suse

Published

2024-06-24 16:19

Modified

2024-06-24 16:19

Summary

Security update for grafana and mybatis

Notes

Title of the patch

Security update for grafana and mybatis

Description of the patch

This update for grafana and mybatis fixes the following issues: grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) - Other non-security related changes: * Version 9.5.17: + [FEATURE] Alerting: Backport use Alertmanager API v2 * Version 9.5.16: + [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Version 9.5.15: + [FEATURE] Alerting: Attempt to retry retryable errors * Version 9.5.14: + [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error + [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied + [BUGFIX] LDAP: Fix enable users on successfull login * Version 9.5.13: + [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder + [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Version 9.5.12: + [FEATURE] Azure: Add support for Workload Identity authentication * Version 9.5.9: + [FEATURE] SSE: Fix DSNode to not panic when response has empty response + [FEATURE] Prometheus: Handle the response with different field key order + [BUGFIX] LDAP: Fix user disabling mybatis: - `apache-commons-ognl` is now a non-optional dependency - Fixed building with log4j v1 and v2 dependencies

Patchnames

SUSE-2024-1530,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1530,openSUSE-SLE-15.6-2024-1530

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for grafana and mybatis",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for grafana and mybatis fixes the following issues:\n\ngrafana was updated to version 9.5.18:\n\n- Grafana now requires Go 1.20\n- Security issues fixed:\n\n  * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155)\n  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n\n- Other non-security related changes:\n\n  * Version 9.5.17:\n\n    + [FEATURE] Alerting: Backport use Alertmanager API v2\n\n  * Version 9.5.16:\n\n    + [BUGFIX] Annotations: Split cleanup into separate queries and\n      deletes to avoid deadlocks on MySQL\n\n  * Version 9.5.15:\n\n    + [FEATURE] Alerting: Attempt to retry retryable errors\n\n  * Version 9.5.14:\n\n    + [BUGFIX] Alerting: Fix state manager to not keep\n      datasource_uid and ref_id labels in state after Error\n    + [BUGFIX] Transformations: Config overrides being lost when\n      config from query transform is applied\n    + [BUGFIX] LDAP: Fix enable users on successfull login\n\n  * Version 9.5.13:\n\n    + [BUGFIX] BrowseDashboards: Only remember the most recent\n      expanded folder\n    + [BUGFIX] Licensing: Pass func to update env variables when\n      starting plugin\n\n  * Version 9.5.12:\n\n    + [FEATURE] Azure: Add support for Workload Identity\n      authentication\n\n  * Version 9.5.9:\n\n    + [FEATURE] SSE: Fix DSNode to not panic when response has empty\n      response\n    + [FEATURE] Prometheus: Handle the response with different field\n      key order\n    + [BUGFIX] LDAP: Fix user disabling\n\n\nmybatis:\n\n- `apache-commons-ognl` is now a non-optional dependency\n- Fixed building with log4j v1 and v2 dependencies\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-1530,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1530,openSUSE-SLE-15.6-2024-1530",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1530-2.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:1530-2",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241530-2/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:1530-2",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-June/035719.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1222155",
            url: "https://bugzilla.suse.com/1222155",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-1313 page",
            url: "https://www.suse.com/security/cve/CVE-2024-1313/",
         },
      ],
      title: "Security update for grafana and mybatis",
      tracking: {
         current_release_date: "2024-06-24T16:19:43Z",
         generator: {
            date: "2024-06-24T16:19:43Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:1530-2",
         initial_release_date: "2024-06-24T16:19:43Z",
         revision_history: [
            {
               date: "2024-06-24T16:19:43Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.aarch64",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.aarch64",
                           product_id: "grafana-9.5.18-150200.3.56.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.i586",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.i586",
                           product_id: "grafana-9.5.18-150200.3.56.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mybatis-3.5.6-150200.5.6.1.noarch",
                        product: {
                           name: "mybatis-3.5.6-150200.5.6.1.noarch",
                           product_id: "mybatis-3.5.6-150200.5.6.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
                        product: {
                           name: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
                           product_id: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.ppc64le",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.ppc64le",
                           product_id: "grafana-9.5.18-150200.3.56.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.s390x",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.s390x",
                           product_id: "grafana-9.5.18-150200.3.56.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.x86_64",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.x86_64",
                           product_id: "grafana-9.5.18-150200.3.56.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:packagehub:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.6",
                        product: {
                           name: "openSUSE Leap 15.6",
                           product_id: "openSUSE Leap 15.6",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.6",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mybatis-3.5.6-150200.5.6.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
            },
            product_reference: "mybatis-3.5.6-150200.5.6.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            },
            product_reference: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
               "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-06-24T16:19:43Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-1313",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
         ],
         notes: [
            {
               category: "general",
               text: "It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.\n\nGrafana Labs would like to thank Ravid Mazon and Jay Chen of Palo \nAlto Research for discovering and disclosing this vulnerability.\n\nThis issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
               "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
               "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-1313",
               url: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
            {
               category: "external",
               summary: "SUSE Bug 1222155 for CVE-2024-1313",
               url: "https://bugzilla.suse.com/1222155",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.6:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.6:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.6:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-06-24T16:19:43Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-1313",
      },
   ],
}

suse-su-2025:0525-1

Vulnerability from csaf_suse

Published

2025-02-14 07:18

Modified

2025-02-14 07:18

Summary

Security update for SUSE Manager Client Tools

Notes

Title of the patch

Security update for SUSE Manager Client Tools

Description of the patch

This update fixes the following issues: dracut-saltboot was updated to version 0.1.1728559936.c16d4fb: - Added MAC based terminal naming option (jsc#SUMA-314) golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649): - Security issues fixed: * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling (bsc#1232970) - Highlights of other changes: * Performance: + Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations. + Default GOGC value lowered to 75 for better memory management. + Option to limit memory usage from dropped targets added. * New Features: + Experimental OpenTelemetry ingestion. + Automatic memory limit handling. + Native histogram support, including new functions, UI enhancements, and improved scraping. + Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option. + Expanded service discovery options with added metadata and support for new services. + New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping. * Bug Fixes: + Numerous fixes across scraping, API, TSDB, PromQL, and service discovery. * For a detailed list of changes consult the package changelog or https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3 grafana was updated from version 9.5.18 to 10.4.13 (jsc#PED-11591,jsc#PED-11649): - Security issues fixed: * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto (bsc#1234554) * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth (bsc#1212641) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * CVE-2024-6837: Fixed potential data source permission escalation (bsc#1236301) * CVE-2024-8118: Fixed permission on external alerting rule write endpoint (bsc#1231024) - Potential breaking changes in version 10: * In panels using the `extract fields` transformation, where one of the extracted names collides with one of the already existing ields, the extracted field will be renamed. * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. We have updated the table column naming. This will potentially affect field transformations and/or field overrides. To resolve this either: update transformation or field override. * For the existing backend mode users who have Transformations with the `time` field, might see their transformations are not working. Those panels that have broken transformations will fail to render. This is because we changed the field key. To resolve this either: Remove the affected panel and re-create it; Select the `Time` field again; Edit the `time` field as `Time` for transformation in `panel.json` or `dashboard.json` * The following data source permission endpoints have been removed: `GET /datasources/:datasourceId/permissions` `POST /api/datasources/:datasourceId/permissions` `DELETE /datasources/:datasourceId/permissions` `POST /datasources/:datasourceId/enable-permissions` `POST /datasources/:datasourceId/disable-permissions` + Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions * If you are using Terraform Grafana provider to manage data source permissions, you will need to upgrade your provider. * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. We have updated the table column naming. This will potentially affect field transformations and/or field overrides. * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed. Dashboard information can be retrieved from the `/dashboard/...` APIs. * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's `UID` * Removed all components for the old panel header design. * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-3/ for more details * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta, and Generic OAuth. To avoid overriding manually set roles, enable the skip_org_role_sync option in the Grafana configuration for your OAuth provider before upgrading * Angular has been deprecated * Grafana legacy alerting has been deprecated * API keys are migrating to service accounts * The experimental “dashboard previews” feature is removed * Usernames are now case-insensitive by default * Grafana OAuth integrations do not work anymore with email lookups * The “Alias” field in the CloudWatch data source is removed * Athena data source plugin must be updated to version >=2.9.3 * Redshift data source plugin must be updated to version >=1.8.3 * DoiT International BigQuery plugin no longer supported * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-0 for more details - This update brings many new features, enhancements and fixes highlighted at: * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/: spacecmd was updated to version 5.0.11-0: - Updated translation strings supportutils-plugin-salt was updated to version 1.2.3: - Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145) - Provide backwards-compatible scripts version supportutils-plugin-susemanager-client was updated to version 5.0.4-0: - Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145) uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: - Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) - Other changes and bugs fixed: * Version 0.1.27-0 + Bump the default image tag to 5.0.3 + IsInstalled function fix + Run systemctl daemon-reload after changing the container image config (bsc#1233279) + Coco-replicas-upgrade + Persist search server indexes (bsc#1231759) + Sync deletes files during migration (bsc#1233660) + Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079) + Add --registry back to mgrpxy (bsc#1233202) + Only add java.hostname on migrated server if not present + Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104) + Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630) + Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123) * Version 0.1.26-0 + Ignore all zypper caches during migration (bsc#1232769) + Use the uyuni network for all podman containers (bsc#1232817) * Version 0.1.25-0 + Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 + Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

Patchnames

SUSE-2025-525,SUSE-SLE-Manager-Tools-15-2025-525,SUSE-SLE-Manager-Tools-For-Micro-5-2025-525,SUSE-SLE-Module-Basesystem-15-SP6-2025-525,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-525,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-525,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-525,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-525,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-525,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-525,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-525,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-525,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-525,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-525,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-525,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-525,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-525,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-525,SUSE-Storage-7.1-2025-525,openSUSE-SLE-15.6-2025-525

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for SUSE Manager Client Tools",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update fixes the following issues:\n\ndracut-saltboot was updated to version 0.1.1728559936.c16d4fb:\n\n- Added MAC based terminal naming option (jsc#SUMA-314)\n\ngolang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649):\n\n- Security issues fixed:\n  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error\n    handling (bsc#1232970)\n\n- Highlights of other changes:\n  * Performance: \n    + Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and \n      remote write operations.\n    + Default GOGC value lowered to 75 for better memory management. \n    + Option to limit memory usage from dropped targets added.\n  * New Features:\n    + Experimental OpenTelemetry ingestion.\n    + Automatic memory limit handling.\n    + Native histogram support, including new functions, UI enhancements, and improved scraping.\n    + Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.\n    + Expanded service discovery options with added metadata and support for new services.\n    + New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.\n  * Bug Fixes: \n    + Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.\n  * For a detailed list of changes consult the package changelog or \n    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3\n\ngrafana was updated from version 9.5.18 to 10.4.13 (jsc#PED-11591,jsc#PED-11649):\n\n- Security issues fixed:\n  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading \n    golang.org/x/crypto (bsc#1234554)\n  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth (bsc#1212641)\n  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n  * CVE-2024-6837: Fixed potential data source permission escalation (bsc#1236301)\n  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint (bsc#1231024)\n\n- Potential breaking changes in version 10:\n  * In panels using the `extract fields` transformation, where one\n    of the extracted names collides with one of the already\n    existing ields, the extracted field will be renamed.\n  * For the existing backend mode users who have table\n    visualization might see some inconsistencies on their panels.\n    We have updated the table column naming. This will\n    potentially affect field transformations and/or field\n    overrides. To resolve this either: update transformation or\n    field override.\n  * For the existing backend mode users who have Transformations\n    with the `time` field, might see their transformations are\n    not working. Those panels that have broken transformations\n    will fail to render. This is because we changed the field\n    key. To resolve this either: Remove the affected panel and\n    re-create it; Select the `Time` field again; Edit the `time`\n    field as `Time` for transformation in `panel.json` or\n    `dashboard.json` \n  * The following data source permission endpoints have been removed:\n    `GET /datasources/:datasourceId/permissions`\n    `POST /api/datasources/:datasourceId/permissions`\n    `DELETE /datasources/:datasourceId/permissions`\n    `POST /datasources/:datasourceId/enable-permissions`\n    `POST /datasources/:datasourceId/disable-permissions`\n    + Please use the following endpoints instead:\n      `GET /api/access-control/datasources/:uid` for listing data\n       source permissions\n      `POST /api/access-control/datasources/:uid/users/:id`,\n      `POST /api/access-control/datasources/:uid/teams/:id` and\n      `POST /api/access-control/datasources/:uid/buildInRoles/:id` \n      for adding or removing data source permissions\n  * If you are using Terraform Grafana provider to manage data source permissions, you will need to upgrade your\n    provider.\n  * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. \n    We have updated the table column naming. This will potentially affect field transformations and/or field overrides.\n  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed. \n    Dashboard information can be retrieved from the `/dashboard/...` APIs.\n  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's `UID`\n  * Removed all components for the old panel header design.\n  * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-3/\n    for more details\n  * OAuth role mapping enforcement: This change impacts GitHub,\n    Gitlab, Okta, and Generic OAuth. To avoid overriding manually\n    set roles, enable the skip_org_role_sync option in the\n    Grafana configuration for your OAuth provider before\n    upgrading\n  * Angular has been deprecated\n  * Grafana legacy alerting has been deprecated\n  * API keys are migrating to service accounts\n  * The experimental “dashboard previews” feature is removed\n  * Usernames are now case-insensitive by default\n  * Grafana OAuth integrations do not work anymore with email lookups\n  * The “Alias” field in the CloudWatch data source is removed\n  * Athena data source plugin must be updated to version >=2.9.3\n  * Redshift data source plugin must be updated to version >=1.8.3\n  * DoiT International BigQuery plugin no longer supported\n  * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-0\n    for more details\n\n- This update brings many new features, enhancements and fixes highlighted at:\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/:\n\nspacecmd was updated to version 5.0.11-0:\n\n- Updated translation strings\n\nsupportutils-plugin-salt was updated to version 1.2.3:\n\n- Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145)\n- Provide backwards-compatible scripts version\n\nsupportutils-plugin-susemanager-client was updated to version 5.0.4-0:\n\n- Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145)\n\nuyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:\n\n- Security issues fixed:\n  * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497)\n- Other changes and bugs fixed:\n  * Version 0.1.27-0\n    + Bump the default image tag to 5.0.3\n    + IsInstalled function fix\n    + Run systemctl daemon-reload after changing the container image config (bsc#1233279)\n    + Coco-replicas-upgrade\n    + Persist search server indexes (bsc#1231759)\n    + Sync deletes files during migration (bsc#1233660)\n    + Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)\n    + Add --registry back to mgrpxy (bsc#1233202)\n    + Only add java.hostname on migrated server if not present\n    + Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)\n    + Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)\n    + Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)\n  * Version 0.1.26-0\n    + Ignore all zypper caches during migration (bsc#1232769)\n    + Use the uyuni network for all podman containers (bsc#1232817)\n  * Version 0.1.25-0\n    + Don't migrate enabled systemd services, recreate them (bsc#1232575)\n  * Version 0.1.24-0\n    + Redact JSESSIONID and pxt-session-cookie values from logs and\n      console output (bsc#1231568)\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2025-525,SUSE-SLE-Manager-Tools-15-2025-525,SUSE-SLE-Manager-Tools-For-Micro-5-2025-525,SUSE-SLE-Module-Basesystem-15-SP6-2025-525,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-525,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-525,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-525,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-525,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-525,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-525,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-525,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-525,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-525,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-525,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-525,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-525,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-525,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-525,SUSE-Storage-7.1-2025-525,openSUSE-SLE-15.6-2025-525",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0525-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2025:0525-1",
            url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250525-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2025:0525-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020347.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1212641",
            url: "https://bugzilla.suse.com/1212641",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229079",
            url: "https://bugzilla.suse.com/1229079",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229104",
            url: "https://bugzilla.suse.com/1229104",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231024",
            url: "https://bugzilla.suse.com/1231024",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231497",
            url: "https://bugzilla.suse.com/1231497",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231568",
            url: "https://bugzilla.suse.com/1231568",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231759",
            url: "https://bugzilla.suse.com/1231759",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232575",
            url: "https://bugzilla.suse.com/1232575",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232769",
            url: "https://bugzilla.suse.com/1232769",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232817",
            url: "https://bugzilla.suse.com/1232817",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232970",
            url: "https://bugzilla.suse.com/1232970",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233202",
            url: "https://bugzilla.suse.com/1233202",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233279",
            url: "https://bugzilla.suse.com/1233279",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233630",
            url: "https://bugzilla.suse.com/1233630",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233660",
            url: "https://bugzilla.suse.com/1233660",
         },
         {
            category: "self",
            summary: "SUSE Bug 1234123",
            url: "https://bugzilla.suse.com/1234123",
         },
         {
            category: "self",
            summary: "SUSE Bug 1234554",
            url: "https://bugzilla.suse.com/1234554",
         },
         {
            category: "self",
            summary: "SUSE Bug 1235145",
            url: "https://bugzilla.suse.com/1235145",
         },
         {
            category: "self",
            summary: "SUSE Bug 1236301",
            url: "https://bugzilla.suse.com/1236301",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-3128 page",
            url: "https://www.suse.com/security/cve/CVE-2023-3128/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-22037 page",
            url: "https://www.suse.com/security/cve/CVE-2024-22037/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45337 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45337/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-51744 page",
            url: "https://www.suse.com/security/cve/CVE-2024-51744/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-6837 page",
            url: "https://www.suse.com/security/cve/CVE-2024-6837/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-8118 page",
            url: "https://www.suse.com/security/cve/CVE-2024-8118/",
         },
      ],
      title: "Security update for SUSE Manager Client Tools",
      tracking: {
         current_release_date: "2025-02-14T07:18:27Z",
         generator: {
            date: "2025-02-14T07:18:27Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2025:0525-1",
         initial_release_date: "2025-02-14T07:18:27Z",
         revision_history: [
            {
               date: "2025-02-14T07:18:27Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                        product: {
                           name: "firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                           product_id: "firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                           product_id: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150000.1.66.1.aarch64",
                        product: {
                           name: "grafana-10.4.13-150000.1.66.1.aarch64",
                           product_id: "grafana-10.4.13-150000.1.66.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-150000.1.16.1.aarch64",
                        product: {
                           name: "mgrctl-0.1.28-150000.1.16.1.aarch64",
                           product_id: "mgrctl-0.1.28-150000.1.16.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "firewalld-prometheus-config-0.1-150000.3.59.1.i586",
                        product: {
                           name: "firewalld-prometheus-config-0.1-150000.3.59.1.i586",
                           product_id: "firewalld-prometheus-config-0.1-150000.3.59.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.i586",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.i586",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.i586",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.i586",
                           product_id: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150000.1.66.1.i586",
                        product: {
                           name: "grafana-10.4.13-150000.1.66.1.i586",
                           product_id: "grafana-10.4.13-150000.1.66.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-150000.1.16.1.i586",
                        product: {
                           name: "mgrctl-0.1.28-150000.1.16.1.i586",
                           product_id: "mgrctl-0.1.28-150000.1.16.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                        product: {
                           name: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                           product_id: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                        product: {
                           name: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                           product_id: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                        product: {
                           name: "mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                           product_id: "mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                        product: {
                           name: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                           product_id: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacecmd-5.0.11-150000.3.130.1.noarch",
                        product: {
                           name: "spacecmd-5.0.11-150000.3.130.1.noarch",
                           product_id: "spacecmd-5.0.11-150000.3.130.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                        product: {
                           name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                           product_id: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                        product: {
                           name: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                           product_id: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                        product: {
                           name: "firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                           product_id: "firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                           product_id: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150000.1.66.1.ppc64le",
                        product: {
                           name: "grafana-10.4.13-150000.1.66.1.ppc64le",
                           product_id: "grafana-10.4.13-150000.1.66.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-150000.1.16.1.ppc64le",
                        product: {
                           name: "mgrctl-0.1.28-150000.1.16.1.ppc64le",
                           product_id: "mgrctl-0.1.28-150000.1.16.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                        product: {
                           name: "firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                           product_id: "firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                           product_id: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150000.1.66.1.s390x",
                        product: {
                           name: "grafana-10.4.13-150000.1.66.1.s390x",
                           product_id: "grafana-10.4.13-150000.1.66.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-150000.1.16.1.s390x",
                        product: {
                           name: "mgrctl-0.1.28-150000.1.16.1.s390x",
                           product_id: "mgrctl-0.1.28-150000.1.16.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                        product: {
                           name: "firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                           product_id: "firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                           product_id: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150000.1.66.1.x86_64",
                        product: {
                           name: "grafana-10.4.13-150000.1.66.1.x86_64",
                           product_id: "grafana-10.4.13-150000.1.66.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-150000.1.16.1.x86_64",
                        product: {
                           name: "mgrctl-0.1.28-150000.1.16.1.x86_64",
                           product_id: "mgrctl-0.1.28-150000.1.16.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools 15",
                        product: {
                           name: "SUSE Manager Client Tools 15",
                           product_id: "SUSE Manager Client Tools 15",
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools for SLE Micro 5",
                        product: {
                           name: "SUSE Manager Client Tools for SLE Micro 5",
                           product_id: "SUSE Manager Client Tools for SLE Micro 5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-manager-tools-micro:5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-basesystem:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:packagehub:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                           product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                        product: {
                           name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                           product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle_hpc-espos:15:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                           product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                        product: {
                           name: "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                           product_id: "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle_hpc-espos:15:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                           product_id: "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 15 SP3-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 15 SP3-LTSS",
                           product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss:15:sp3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 15 SP4-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 15 SP4-LTSS",
                           product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss:15:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 15 SP5-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 15 SP5-LTSS",
                           product_id: "SUSE Linux Enterprise Server 15 SP5-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss:15:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:15:sp3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:15:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:15:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Manager Proxy 4.3",
                        product: {
                           name: "SUSE Manager Proxy 4.3",
                           product_id: "SUSE Manager Proxy 4.3",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse-manager-proxy:4.3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Manager Server 4.3",
                        product: {
                           name: "SUSE Manager Server 4.3",
                           product_id: "SUSE Manager Server 4.3",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse-manager-server:4.3",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Enterprise Storage 7.1",
                        product: {
                           name: "SUSE Enterprise Storage 7.1",
                           product_id: "SUSE Enterprise Storage 7.1",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:ses:7.1",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.6",
                        product: {
                           name: "openSUSE Leap 15.6",
                           product_id: "openSUSE Leap 15.6",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.6",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "firewalld-prometheus-config-0.1-150000.3.59.1.aarch64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
            },
            product_reference: "firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
            },
            product_reference: "firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "firewalld-prometheus-config-0.1-150000.3.59.1.s390x as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
            },
            product_reference: "firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "firewalld-prometheus-config-0.1-150000.3.59.1.x86_64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
            },
            product_reference: "firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150000.1.66.1.aarch64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
            },
            product_reference: "grafana-10.4.13-150000.1.66.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150000.1.66.1.ppc64le as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
            },
            product_reference: "grafana-10.4.13-150000.1.66.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150000.1.66.1.s390x as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
            },
            product_reference: "grafana-10.4.13-150000.1.66.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150000.1.66.1.x86_64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
            },
            product_reference: "grafana-10.4.13-150000.1.66.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.aarch64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.ppc64le as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.s390x as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.x86_64 as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
            },
            product_reference: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-lang-0.1.28-150000.1.16.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
            },
            product_reference: "mgrctl-lang-0.1.28-150000.1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
            },
            product_reference: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-5.0.11-150000.3.130.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
            },
            product_reference: "spacecmd-5.0.11-150000.3.130.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch as component of SUSE Manager Client Tools 15",
               product_id: "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            },
            product_reference: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 15",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-150000.1.16.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
            },
            product_reference: "mgrctl-0.1.28-150000.1.16.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
            },
            product_reference: "mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-lang-0.1.28-150000.1.16.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
            },
            product_reference: "mgrctl-lang-0.1.28-150000.1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
               product_id: "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
            },
            product_reference: "mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools for SLE Micro 5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
               product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
               product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
               product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
               product_id: "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
               product_id: "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
               product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
               product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Manager Proxy 4.3",
               product_id: "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Proxy 4.3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Manager Server 4.3",
               product_id: "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Server 4.3",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of SUSE Enterprise Storage 7.1",
               product_id: "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "SUSE Enterprise Storage 7.1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
            },
            product_reference: "dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-5.0.11-150000.3.130.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
            },
            product_reference: "spacecmd-5.0.11-150000.3.130.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            },
            product_reference: "supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-3128",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-3128",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-3128",
               url: "https://www.suse.com/security/cve/CVE-2023-3128",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212641 for CVE-2023-3128",
               url: "https://bugzilla.suse.com/1212641",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.4,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "critical",
            },
         ],
         title: "CVE-2023-3128",
      },
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-22037",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-22037",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-22037",
               url: "https://www.suse.com/security/cve/CVE-2024-22037",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231497 for CVE-2024-22037",
               url: "https://bugzilla.suse.com/1231497",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-22037",
      },
      {
         cve: "CVE-2024-45337",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45337",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45337",
               url: "https://www.suse.com/security/cve/CVE-2024-45337",
            },
            {
               category: "external",
               summary: "SUSE Bug 1234482 for CVE-2024-45337",
               url: "https://bugzilla.suse.com/1234482",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "important",
            },
         ],
         title: "CVE-2024-45337",
      },
      {
         cve: "CVE-2024-51744",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-51744",
            },
         ],
         notes: [
            {
               category: "general",
               text: "golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens. A fix has been back-ported with the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release. We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-51744",
               url: "https://www.suse.com/security/cve/CVE-2024-51744",
            },
            {
               category: "external",
               summary: "SUSE Bug 1232936 for CVE-2024-51744",
               url: "https://bugzilla.suse.com/1232936",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.1,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "low",
            },
         ],
         title: "CVE-2024-51744",
      },
      {
         cve: "CVE-2024-6837",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-6837",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-6837",
               url: "https://www.suse.com/security/cve/CVE-2024-6837",
            },
            {
               category: "external",
               summary: "SUSE Bug 1236301 for CVE-2024-6837",
               url: "https://bugzilla.suse.com/1236301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-6837",
      },
      {
         cve: "CVE-2024-8118",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-8118",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
               "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
               "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
               "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
               "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
               "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
               "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-8118",
               url: "https://www.suse.com/security/cve/CVE-2024-8118",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231024 for CVE-2024-8118",
               url: "https://bugzilla.suse.com/1231024",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Enterprise Storage 7.1:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "SUSE Linux Enterprise Server 15 SP3-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP4-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server 15 SP5-LTSS:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP4:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 15 SP5:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.aarch64",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.ppc64le",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.s390x",
                  "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.53.3-150000.3.59.1.x86_64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.aarch64",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.ppc64le",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.s390x",
                  "SUSE Manager Client Tools 15:grafana-10.4.13-150000.1.66.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.ppc64le",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools 15:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools 15:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Client Tools 15:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.aarch64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.s390x",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.28-150000.1.16.1.x86_64",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.28-150000.1.16.1.noarch",
                  "SUSE Manager Proxy 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "SUSE Manager Server 4.3:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1.noarch",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.aarch64",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.ppc64le",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.s390x",
                  "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.24.1.x86_64",
                  "openSUSE Leap 15.6:spacecmd-5.0.11-150000.3.130.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-salt-1.2.3-150000.3.16.1.noarch",
                  "openSUSE Leap 15.6:supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:18:27Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-8118",
      },
   ],
}

suse-su-2024:1530-1

Vulnerability from csaf_suse

Published

2024-05-06 09:52

Modified

2024-05-06 09:52

Summary

Security update for grafana and mybatis

Notes

Title of the patch

Security update for grafana and mybatis

Description of the patch

Patchnames

SUSE-2024-1530,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1530,openSUSE-SLE-15.5-2024-1530

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for grafana and mybatis",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for grafana and mybatis fixes the following issues:\n\ngrafana was updated to version 9.5.18:\n\n- Grafana now requires Go 1.20\n- Security issues fixed:\n\n  * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155)\n  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n\n- Other non-security related changes:\n\n  * Version 9.5.17:\n\n    + [FEATURE] Alerting: Backport use Alertmanager API v2\n\n  * Version 9.5.16:\n\n    + [BUGFIX] Annotations: Split cleanup into separate queries and\n      deletes to avoid deadlocks on MySQL\n\n  * Version 9.5.15:\n\n    + [FEATURE] Alerting: Attempt to retry retryable errors\n\n  * Version 9.5.14:\n\n    + [BUGFIX] Alerting: Fix state manager to not keep\n      datasource_uid and ref_id labels in state after Error\n    + [BUGFIX] Transformations: Config overrides being lost when\n      config from query transform is applied\n    + [BUGFIX] LDAP: Fix enable users on successfull login\n\n  * Version 9.5.13:\n\n    + [BUGFIX] BrowseDashboards: Only remember the most recent\n      expanded folder\n    + [BUGFIX] Licensing: Pass func to update env variables when\n      starting plugin\n\n  * Version 9.5.12:\n\n    + [FEATURE] Azure: Add support for Workload Identity\n      authentication\n\n  * Version 9.5.9:\n\n    + [FEATURE] SSE: Fix DSNode to not panic when response has empty\n      response\n    + [FEATURE] Prometheus: Handle the response with different field\n      key order\n    + [BUGFIX] LDAP: Fix user disabling\n\n\nmybatis:\n\n- `apache-commons-ognl` is now a non-optional dependency\n- Fixed building with log4j v1 and v2 dependencies\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-1530,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1530,openSUSE-SLE-15.5-2024-1530",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1530-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:1530-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241530-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:1530-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-May/035151.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1222155",
            url: "https://bugzilla.suse.com/1222155",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-1313 page",
            url: "https://www.suse.com/security/cve/CVE-2024-1313/",
         },
      ],
      title: "Security update for grafana and mybatis",
      tracking: {
         current_release_date: "2024-05-06T09:52:35Z",
         generator: {
            date: "2024-05-06T09:52:35Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:1530-1",
         initial_release_date: "2024-05-06T09:52:35Z",
         revision_history: [
            {
               date: "2024-05-06T09:52:35Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.aarch64",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.aarch64",
                           product_id: "grafana-9.5.18-150200.3.56.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.i586",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.i586",
                           product_id: "grafana-9.5.18-150200.3.56.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mybatis-3.5.6-150200.5.6.1.noarch",
                        product: {
                           name: "mybatis-3.5.6-150200.5.6.1.noarch",
                           product_id: "mybatis-3.5.6-150200.5.6.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
                        product: {
                           name: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
                           product_id: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.ppc64le",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.ppc64le",
                           product_id: "grafana-9.5.18-150200.3.56.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.s390x",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.s390x",
                           product_id: "grafana-9.5.18-150200.3.56.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-9.5.18-150200.3.56.1.x86_64",
                        product: {
                           name: "grafana-9.5.18-150200.3.56.1.x86_64",
                           product_id: "grafana-9.5.18-150200.3.56.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                           product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:packagehub:15:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.5",
                        product: {
                           name: "openSUSE Leap 15.5",
                           product_id: "openSUSE Leap 15.5",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.aarch64 as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.ppc64le as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.s390x as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.18-150200.3.56.1.x86_64 as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
            },
            product_reference: "grafana-9.5.18-150200.3.56.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mybatis-3.5.6-150200.5.6.1.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
            },
            product_reference: "mybatis-3.5.6-150200.5.6.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch as component of openSUSE Leap 15.5",
               product_id: "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            },
            product_reference: "mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
               "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:52:35Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-1313",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
         ],
         notes: [
            {
               category: "general",
               text: "It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized.\n\nGrafana Labs would like to thank Ravid Mazon and Jay Chen of Palo \nAlto Research for discovering and disclosing this vulnerability.\n\nThis issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
               "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
               "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
               "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-1313",
               url: "https://www.suse.com/security/cve/CVE-2024-1313",
            },
            {
               category: "external",
               summary: "SUSE Bug 1222155 for CVE-2024-1313",
               url: "https://bugzilla.suse.com/1222155",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.aarch64",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.ppc64le",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.s390x",
                  "openSUSE Leap 15.5:grafana-9.5.18-150200.3.56.1.x86_64",
                  "openSUSE Leap 15.5:mybatis-3.5.6-150200.5.6.1.noarch",
                  "openSUSE Leap 15.5:mybatis-javadoc-3.5.6-150200.5.6.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-05-06T09:52:35Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-1313",
      },
   ],
}

suse-su-2025:0524-1

Vulnerability from csaf_suse

Published

2025-02-14 07:16

Modified

2025-02-14 07:16

Summary

Security update for SUSE Manager Client Tools

Notes

Title of the patch

Security update for SUSE Manager Client Tools

Description of the patch

This update fixes the following issues: golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649): - Security issues fixed: * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling (bsc#1232970) - Highlights of other changes: * Performance: + Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations. + Default GOGC value lowered to 75 for better memory management. + Option to limit memory usage from dropped targets added. * New Features: + Experimental OpenTelemetry ingestion. + Automatic memory limit handling. + Native histogram support, including new functions, UI enhancements, and improved scraping. + Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option. + Expanded service discovery options with added metadata and support for new services. + New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping. * Bug Fixes: + Numerous fixes across scraping, API, TSDB, PromQL, and service discovery. * For a detailed list of changes consult the package changelog or https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3 golang-github-prometheus-promu was updated to version 0.17.0: - Added codesign utility function grafana was updated from version 9.5.18 to 10.4.13 (jsc#PED-11591,jsc#PED-11649): - Security issues fixed: * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto (bsc#1234554) * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth (bsc#1212641) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * CVE-2024-6837: Fixed potential data source permission escalation (bsc#1236301) * CVE-2024-8118: Fixed permission on external alerting rule write endpoint (bsc#1231024) - Potential breaking changes in version 10: * In panels using the `extract fields` transformation, where one of the extracted names collides with one of the already existing ields, the extracted field will be renamed. * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. We have updated the table column naming. This will potentially affect field transformations and/or field overrides. To resolve this either: update transformation or field override. * For the existing backend mode users who have Transformations with the `time` field, might see their transformations are not working. Those panels that have broken transformations will fail to render. This is because we changed the field key. To resolve this either: Remove the affected panel and re-create it; Select the `Time` field again; Edit the `time` field as `Time` for transformation in `panel.json` or `dashboard.json` * The following data source permission endpoints have been removed: `GET /datasources/:datasourceId/permissions` `POST /api/datasources/:datasourceId/permissions` `DELETE /datasources/:datasourceId/permissions` `POST /datasources/:datasourceId/enable-permissions` `POST /datasources/:datasourceId/disable-permissions` + Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions * If you are using Terraform Grafana provider to manage data source permissions, you will need to upgrade your provider. * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. We have updated the table column naming. This will potentially affect field transformations and/or field overrides. * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed. Dashboard information can be retrieved from the `/dashboard/...` APIs. * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's `UID` * Removed all components for the old panel header design. * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-3/ for more details * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta, and Generic OAuth. To avoid overriding manually set roles, enable the skip_org_role_sync option in the Grafana configuration for your OAuth provider before upgrading * Angular has been deprecated * Grafana legacy alerting has been deprecated * API keys are migrating to service accounts * The experimental “dashboard previews” feature is removed * Usernames are now case-insensitive by default * Grafana OAuth integrations do not work anymore with email lookups * The “Alias” field in the CloudWatch data source is removed * Athena data source plugin must be updated to version >=2.9.3 * Redshift data source plugin must be updated to version >=1.8.3 * DoiT International BigQuery plugin no longer supported * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-0 for more details - This update brings many new features, enhancements and fixes highlighted at: * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/ spacecmd was updated to version 5.0.11-0: - Updated translation strings supportutils-plugin-salt was updated to version 1.2.3: - Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145) - Provide backwards-compatible scripts version supportutils-plugin-susemanager-client was updated to version 5.0.4-0: - Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145) uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: - Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) - Other changes and bugs fixed: * Version 0.1.27-0 + Bump the default image tag to 5.0.3 + IsInstalled function fix + Run systemctl daemon-reload after changing the container image config (bsc#1233279) + Coco-replicas-upgrade + Persist search server indexes (bsc#1231759) + Sync deletes files during migration (bsc#1233660) + Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079) + Add --registry back to mgrpxy (bsc#1233202) + Only add java.hostname on migrated server if not present + Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104) + Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630) + Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123) * Version 0.1.26-0 + Ignore all zypper caches during migration (bsc#1232769) + Use the uyuni network for all podman containers (bsc#1232817) * Version 0.1.25-0 + Don't migrate enabled systemd services, recreate them (bsc#1232575) + Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

Patchnames

SUSE-2025-524,SUSE-SLE-Manager-Tools-12-2025-524

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for SUSE Manager Client Tools",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update fixes the following issues:\n\ngolang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 (jsc#PED-11649):\n\n- Security issues fixed:\n  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error\n    handling (bsc#1232970)\n\n- Highlights of other changes:\n  * Performance: \n    + Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and \n      remote write operations.\n    + Default GOGC value lowered to 75 for better memory management. \n    + Option to limit memory usage from dropped targets added.\n  * New Features:\n    + Experimental OpenTelemetry ingestion.\n    + Automatic memory limit handling.\n    + Native histogram support, including new functions, UI enhancements, and improved scraping.\n    + Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.\n    + Expanded service discovery options with added metadata and support for new services.\n    + New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.\n  * Bug Fixes: \n    + Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.\n  * For a detailed list of changes consult the package changelog or \n    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3\n\ngolang-github-prometheus-promu was updated to version 0.17.0:\n\n- Added codesign utility function\n\ngrafana was updated from version 9.5.18 to 10.4.13 (jsc#PED-11591,jsc#PED-11649):\n\n- Security issues fixed:\n  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading \n    golang.org/x/crypto (bsc#1234554)\n  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth (bsc#1212641)\n  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n  * CVE-2024-6837: Fixed potential data source permission escalation (bsc#1236301)\n  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint (bsc#1231024)\n\n- Potential breaking changes in version 10:\n  * In panels using the `extract fields` transformation, where one\n    of the extracted names collides with one of the already\n    existing ields, the extracted field will be renamed.\n  * For the existing backend mode users who have table\n    visualization might see some inconsistencies on their panels.\n    We have updated the table column naming. This will\n    potentially affect field transformations and/or field\n    overrides. To resolve this either: update transformation or\n    field override.\n  * For the existing backend mode users who have Transformations\n    with the `time` field, might see their transformations are\n    not working. Those panels that have broken transformations\n    will fail to render. This is because we changed the field\n    key. To resolve this either: Remove the affected panel and\n    re-create it; Select the `Time` field again; Edit the `time`\n    field as `Time` for transformation in `panel.json` or\n    `dashboard.json` \n  * The following data source permission endpoints have been removed:\n    `GET /datasources/:datasourceId/permissions`\n    `POST /api/datasources/:datasourceId/permissions`\n    `DELETE /datasources/:datasourceId/permissions`\n    `POST /datasources/:datasourceId/enable-permissions`\n    `POST /datasources/:datasourceId/disable-permissions`\n    + Please use the following endpoints instead:\n      `GET /api/access-control/datasources/:uid` for listing data\n       source permissions\n      `POST /api/access-control/datasources/:uid/users/:id`,\n      `POST /api/access-control/datasources/:uid/teams/:id` and\n      `POST /api/access-control/datasources/:uid/buildInRoles/:id` \n      for adding or removing data source permissions\n  * If you are using Terraform Grafana provider to manage data source permissions, you will need to upgrade your\n    provider.\n  * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. \n    We have updated the table column naming. This will potentially affect field transformations and/or field overrides.\n  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed. \n    Dashboard information can be retrieved from the `/dashboard/...` APIs.\n  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's `UID`\n  * Removed all components for the old panel header design.\n  * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-3/\n    for more details\n  * OAuth role mapping enforcement: This change impacts GitHub,\n    Gitlab, Okta, and Generic OAuth. To avoid overriding manually\n    set roles, enable the skip_org_role_sync option in the\n    Grafana configuration for your OAuth provider before\n    upgrading\n  * Angular has been deprecated\n  * Grafana legacy alerting has been deprecated\n  * API keys are migrating to service accounts\n  * The experimental &#8220;dashboard previews&#8221; feature is removed\n  * Usernames are now case-insensitive by default\n  * Grafana OAuth integrations do not work anymore with email lookups\n  * The &#8220;Alias&#8221; field in the CloudWatch data source is removed\n  * Athena data source plugin must be updated to version &gt;=2.9.3\n  * Redshift data source plugin must be updated to version &gt;=1.8.3\n  * DoiT International BigQuery plugin no longer supported\n  * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-0\n    for more details\n\n- This update brings many new features, enhancements and fixes highlighted at:\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/\n\nspacecmd was updated to version 5.0.11-0:\n\n- Updated translation strings\n\nsupportutils-plugin-salt was updated to version 1.2.3:\n\n- Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145)\n- Provide backwards-compatible scripts version\n\nsupportutils-plugin-susemanager-client was updated to version 5.0.4-0:\n\n- Adjusted requirements for plugin to allow compatibility with supportutils 3.2.9 release (bsc#1235145)\n\nuyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:\n\n- Security issues fixed:\n  * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497)\n- Other changes and bugs fixed:\n  * Version 0.1.27-0\n    + Bump the default image tag to 5.0.3\n    + IsInstalled function fix\n    + Run systemctl daemon-reload after changing the container image config (bsc#1233279)\n    + Coco-replicas-upgrade\n    + Persist search server indexes (bsc#1231759)\n    + Sync deletes files during migration (bsc#1233660)\n    + Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)\n    + Add --registry back to mgrpxy (bsc#1233202)\n    + Only add java.hostname on migrated server if not present\n    + Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)\n    + Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)\n    + Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)\n  * Version 0.1.26-0\n    + Ignore all zypper caches during migration (bsc#1232769)\n    + Use the uyuni network for all podman containers (bsc#1232817)\n  * Version 0.1.25-0\n    + Don't migrate enabled systemd services, recreate them (bsc#1232575)\n    + Redact JSESSIONID and pxt-session-cookie values from logs and\n      console output (bsc#1231568)\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2025-524,SUSE-SLE-Manager-Tools-12-2025-524",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0524-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2025:0524-1",
            url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2025:0524-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020348.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1212641",
            url: "https://bugzilla.suse.com/1212641",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229079",
            url: "https://bugzilla.suse.com/1229079",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229104",
            url: "https://bugzilla.suse.com/1229104",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231024",
            url: "https://bugzilla.suse.com/1231024",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231497",
            url: "https://bugzilla.suse.com/1231497",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231568",
            url: "https://bugzilla.suse.com/1231568",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231759",
            url: "https://bugzilla.suse.com/1231759",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232575",
            url: "https://bugzilla.suse.com/1232575",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232769",
            url: "https://bugzilla.suse.com/1232769",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232817",
            url: "https://bugzilla.suse.com/1232817",
         },
         {
            category: "self",
            summary: "SUSE Bug 1232970",
            url: "https://bugzilla.suse.com/1232970",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233202",
            url: "https://bugzilla.suse.com/1233202",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233279",
            url: "https://bugzilla.suse.com/1233279",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233630",
            url: "https://bugzilla.suse.com/1233630",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233660",
            url: "https://bugzilla.suse.com/1233660",
         },
         {
            category: "self",
            summary: "SUSE Bug 1234123",
            url: "https://bugzilla.suse.com/1234123",
         },
         {
            category: "self",
            summary: "SUSE Bug 1234554",
            url: "https://bugzilla.suse.com/1234554",
         },
         {
            category: "self",
            summary: "SUSE Bug 1235145",
            url: "https://bugzilla.suse.com/1235145",
         },
         {
            category: "self",
            summary: "SUSE Bug 1236301",
            url: "https://bugzilla.suse.com/1236301",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-3128 page",
            url: "https://www.suse.com/security/cve/CVE-2023-3128/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-22037 page",
            url: "https://www.suse.com/security/cve/CVE-2024-22037/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45337 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45337/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-51744 page",
            url: "https://www.suse.com/security/cve/CVE-2024-51744/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-6837 page",
            url: "https://www.suse.com/security/cve/CVE-2024-6837/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-8118 page",
            url: "https://www.suse.com/security/cve/CVE-2024-8118/",
         },
      ],
      title: "Security update for SUSE Manager Client Tools",
      tracking: {
         current_release_date: "2025-02-14T07:16:36Z",
         generator: {
            date: "2025-02-14T07:16:36Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2025:0524-1",
         initial_release_date: "2025-02-14T07:16:36Z",
         revision_history: [
            {
               date: "2025-02-14T07:16:36Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                           product_id: "golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-1.66.2.aarch64",
                        product: {
                           name: "grafana-10.4.13-1.66.2.aarch64",
                           product_id: "grafana-10.4.13-1.66.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-1.16.1.aarch64",
                        product: {
                           name: "mgrctl-0.1.28-1.16.1.aarch64",
                           product_id: "mgrctl-0.1.28-1.16.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.i586",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.i586",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-1.56.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-1.24.1.i586",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-1.24.1.i586",
                           product_id: "golang-github-prometheus-promu-0.17.0-1.24.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-1.66.2.i586",
                        product: {
                           name: "grafana-10.4.13-1.66.2.i586",
                           product_id: "grafana-10.4.13-1.66.2.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-1.16.1.i586",
                        product: {
                           name: "mgrctl-0.1.28-1.16.1.i586",
                           product_id: "mgrctl-0.1.28-1.16.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                        product: {
                           name: "mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                           product_id: "mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-lang-0.1.28-1.16.1.noarch",
                        product: {
                           name: "mgrctl-lang-0.1.28-1.16.1.noarch",
                           product_id: "mgrctl-lang-0.1.28-1.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                        product: {
                           name: "mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                           product_id: "mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacecmd-5.0.11-38.153.1.noarch",
                        product: {
                           name: "spacecmd-5.0.11-38.153.1.noarch",
                           product_id: "spacecmd-5.0.11-38.153.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                        product: {
                           name: "supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                           product_id: "supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
                        product: {
                           name: "supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
                           product_id: "supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                           product_id: "golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-1.66.2.ppc64le",
                        product: {
                           name: "grafana-10.4.13-1.66.2.ppc64le",
                           product_id: "grafana-10.4.13-1.66.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-1.16.1.ppc64le",
                        product: {
                           name: "mgrctl-0.1.28-1.16.1.ppc64le",
                           product_id: "mgrctl-0.1.28-1.16.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                           product_id: "golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-1.66.2.s390x",
                        product: {
                           name: "grafana-10.4.13-1.66.2.s390x",
                           product_id: "grafana-10.4.13-1.66.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-1.16.1.s390x",
                        product: {
                           name: "mgrctl-0.1.28-1.16.1.s390x",
                           product_id: "mgrctl-0.1.28-1.16.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                           product_id: "golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                           product_id: "golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-1.66.2.x86_64",
                        product: {
                           name: "grafana-10.4.13-1.66.2.x86_64",
                           product_id: "grafana-10.4.13-1.66.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.28-1.16.1.x86_64",
                        product: {
                           name: "mgrctl-0.1.28-1.16.1.x86_64",
                           product_id: "mgrctl-0.1.28-1.16.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools 12",
                        product: {
                           name: "SUSE Manager Client Tools 12",
                           product_id: "SUSE Manager Client Tools 12",
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
            },
            product_reference: "golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-1.24.1.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-1.24.1.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.17.0-1.24.1.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-1.66.2.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
            },
            product_reference: "grafana-10.4.13-1.66.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-1.66.2.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
            },
            product_reference: "grafana-10.4.13-1.66.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-1.66.2.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
            },
            product_reference: "grafana-10.4.13-1.66.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-1.66.2.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
            },
            product_reference: "grafana-10.4.13-1.66.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-1.16.1.aarch64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
            },
            product_reference: "mgrctl-0.1.28-1.16.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-1.16.1.ppc64le as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
            },
            product_reference: "mgrctl-0.1.28-1.16.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-1.16.1.s390x as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
            },
            product_reference: "mgrctl-0.1.28-1.16.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.28-1.16.1.x86_64 as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
            },
            product_reference: "mgrctl-0.1.28-1.16.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-bash-completion-0.1.28-1.16.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
            },
            product_reference: "mgrctl-bash-completion-0.1.28-1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-zsh-completion-0.1.28-1.16.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
            },
            product_reference: "mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-5.0.11-38.153.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
            },
            product_reference: "spacecmd-5.0.11-38.153.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-salt-1.2.3-6.25.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
            },
            product_reference: "supportutils-plugin-salt-1.2.3-6.25.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch as component of SUSE Manager Client Tools 12",
               product_id: "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            },
            product_reference: "supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-3128",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-3128",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-3128",
               url: "https://www.suse.com/security/cve/CVE-2023-3128",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212641 for CVE-2023-3128",
               url: "https://bugzilla.suse.com/1212641",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.4,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "critical",
            },
         ],
         title: "CVE-2023-3128",
      },
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-22037",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-22037",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-22037",
               url: "https://www.suse.com/security/cve/CVE-2024-22037",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231497 for CVE-2024-22037",
               url: "https://bugzilla.suse.com/1231497",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-22037",
      },
      {
         cve: "CVE-2024-45337",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45337",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45337",
               url: "https://www.suse.com/security/cve/CVE-2024-45337",
            },
            {
               category: "external",
               summary: "SUSE Bug 1234482 for CVE-2024-45337",
               url: "https://bugzilla.suse.com/1234482",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "important",
            },
         ],
         title: "CVE-2024-45337",
      },
      {
         cve: "CVE-2024-51744",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-51744",
            },
         ],
         notes: [
            {
               category: "general",
               text: "golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens. A fix has been back-ported with the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release. We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-51744",
               url: "https://www.suse.com/security/cve/CVE-2024-51744",
            },
            {
               category: "external",
               summary: "SUSE Bug 1232936 for CVE-2024-51744",
               url: "https://bugzilla.suse.com/1232936",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.1,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "low",
            },
         ],
         title: "CVE-2024-51744",
      },
      {
         cve: "CVE-2024-6837",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-6837",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-6837",
               url: "https://www.suse.com/security/cve/CVE-2024-6837",
            },
            {
               category: "external",
               summary: "SUSE Bug 1236301 for CVE-2024-6837",
               url: "https://bugzilla.suse.com/1236301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-6837",
      },
      {
         cve: "CVE-2024-8118",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-8118",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
               "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
               "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
               "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
               "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
               "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
               "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-8118",
               url: "https://www.suse.com/security/cve/CVE-2024-8118",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231024 for CVE-2024-8118",
               url: "https://bugzilla.suse.com/1231024",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.53.3-1.56.1.x86_64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.aarch64",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.ppc64le",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.s390x",
                  "SUSE Manager Client Tools 12:golang-github-prometheus-promu-0.17.0-1.24.1.x86_64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.aarch64",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.ppc64le",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.s390x",
                  "SUSE Manager Client Tools 12:grafana-10.4.13-1.66.2.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.aarch64",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.ppc64le",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.s390x",
                  "SUSE Manager Client Tools 12:mgrctl-0.1.28-1.16.1.x86_64",
                  "SUSE Manager Client Tools 12:mgrctl-bash-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:mgrctl-zsh-completion-0.1.28-1.16.1.noarch",
                  "SUSE Manager Client Tools 12:spacecmd-5.0.11-38.153.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-salt-1.2.3-6.25.1.noarch",
                  "SUSE Manager Client Tools 12:supportutils-plugin-susemanager-client-5.0.4-6.33.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:16:36Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-8118",
      },
   ],
}

suse-su-2025:0545-1

Vulnerability from csaf_suse

Published

2025-02-14 07:24

Modified

2025-02-14 07:24

Summary

Security update for grafana

Notes

Title of the patch

Security update for grafana

Description of the patch

This update for grafana fixes the following issues: grafana was updated from version 9.5.18 to 10.4.13 (jsc#PED-11591,jsc#PED-11649): - Security issues fixed: * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto (bsc#1234554) * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth (bsc#1212641) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * CVE-2024-6837: Fixed potential data source permission escalation (bsc#1236301) * CVE-2024-8118: Fixed permission on external alerting rule write endpoint (bsc#1231024) - Potential breaking changes in version 10: * In panels using the `extract fields` transformation, where one of the extracted names collides with one of the already existing ields, the extracted field will be renamed. * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. We have updated the table column naming. This will potentially affect field transformations and/or field overrides. To resolve this either: update transformation or field override. * For the existing backend mode users who have Transformations with the `time` field, might see their transformations are not working. Those panels that have broken transformations will fail to render. This is because we changed the field key. To resolve this either: Remove the affected panel and re-create it; Select the `Time` field again; Edit the `time` field as `Time` for transformation in `panel.json` or `dashboard.json` * The following data source permission endpoints have been removed: `GET /datasources/:datasourceId/permissions` `POST /api/datasources/:datasourceId/permissions` `DELETE /datasources/:datasourceId/permissions` `POST /datasources/:datasourceId/enable-permissions` `POST /datasources/:datasourceId/disable-permissions` + Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions * If you are using Terraform Grafana provider to manage data source permissions, you will need to upgrade your provider. * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. We have updated the table column naming. This will potentially affect field transformations and/or field overrides. * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed. Dashboard information can be retrieved from the `/dashboard/...` APIs. * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's `UID` * Removed all components for the old panel header design. * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-3/ for more details * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta, and Generic OAuth. To avoid overriding manually set roles, enable the skip_org_role_sync option in the Grafana configuration for your OAuth provider before upgrading * Angular has been deprecated * Grafana legacy alerting has been deprecated * API keys are migrating to service accounts * The experimental “dashboard previews” feature is removed * Usernames are now case-insensitive by default * Grafana OAuth integrations do not work anymore with email lookups * The “Alias” field in the CloudWatch data source is removed * Athena data source plugin must be updated to version >=2.9.3 * Redshift data source plugin must be updated to version >=1.8.3 * DoiT International BigQuery plugin no longer supported * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-0 for more details - This update brings many new features, enhancements and fixes highlighted at: * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/ * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/

Patchnames

SUSE-2025-545,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-545,openSUSE-SLE-15.6-2025-545

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for grafana",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for grafana fixes the following issues:\n\ngrafana was updated from version 9.5.18 to 10.4.13 (jsc#PED-11591,jsc#PED-11649):\n\n- Security issues fixed:\n  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading \n    golang.org/x/crypto (bsc#1234554)\n  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth (bsc#1212641)\n  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n  * CVE-2024-6837: Fixed potential data source permission escalation (bsc#1236301)\n  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint (bsc#1231024)\n\n- Potential breaking changes in version 10:\n  * In panels using the `extract fields` transformation, where one\n    of the extracted names collides with one of the already\n    existing ields, the extracted field will be renamed.\n  * For the existing backend mode users who have table\n    visualization might see some inconsistencies on their panels.\n    We have updated the table column naming. This will\n    potentially affect field transformations and/or field\n    overrides. To resolve this either: update transformation or\n    field override.\n  * For the existing backend mode users who have Transformations\n    with the `time` field, might see their transformations are\n    not working. Those panels that have broken transformations\n    will fail to render. This is because we changed the field\n    key. To resolve this either: Remove the affected panel and\n    re-create it; Select the `Time` field again; Edit the `time`\n    field as `Time` for transformation in `panel.json` or\n    `dashboard.json` \n  * The following data source permission endpoints have been removed:\n    `GET /datasources/:datasourceId/permissions`\n    `POST /api/datasources/:datasourceId/permissions`\n    `DELETE /datasources/:datasourceId/permissions`\n    `POST /datasources/:datasourceId/enable-permissions`\n    `POST /datasources/:datasourceId/disable-permissions`\n    + Please use the following endpoints instead:\n      `GET /api/access-control/datasources/:uid` for listing data\n       source permissions\n      `POST /api/access-control/datasources/:uid/users/:id`,\n      `POST /api/access-control/datasources/:uid/teams/:id` and\n      `POST /api/access-control/datasources/:uid/buildInRoles/:id` \n      for adding or removing data source permissions\n  * If you are using Terraform Grafana provider to manage data source permissions, you will need to upgrade your\n    provider.\n  * For the existing backend mode users who have table visualization might see some inconsistencies on their panels. \n    We have updated the table column naming. This will potentially affect field transformations and/or field overrides.\n  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed. \n    Dashboard information can be retrieved from the `/dashboard/...` APIs.\n  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's `UID`\n  * Removed all components for the old panel header design.\n  * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-3/\n    for more details\n  * OAuth role mapping enforcement: This change impacts GitHub,\n    Gitlab, Okta, and Generic OAuth. To avoid overriding manually\n    set roles, enable the skip_org_role_sync option in the\n    Grafana configuration for your OAuth provider before\n    upgrading\n  * Angular has been deprecated\n  * Grafana legacy alerting has been deprecated\n  * API keys are migrating to service accounts\n  * The experimental &#8220;dashboard previews&#8221; feature is removed\n  * Usernames are now case-insensitive by default\n  * Grafana OAuth integrations do not work anymore with email lookups\n  * The &#8220;Alias&#8221; field in the CloudWatch data source is removed\n  * Athena data source plugin must be updated to version &gt;=2.9.3\n  * Redshift data source plugin must be updated to version &gt;=1.8.3\n  * DoiT International BigQuery plugin no longer supported\n  * Please review https://grafana.com/docs/grafana/next/breaking-changes/breaking-changes-v10-0\n    for more details\n\n- This update brings many new features, enhancements and fixes highlighted at:\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2025-545,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-545,openSUSE-SLE-15.6-2025-545",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0545-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2025:0545-1",
            url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250545-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2025:0545-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020341.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1212641",
            url: "https://bugzilla.suse.com/1212641",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231024",
            url: "https://bugzilla.suse.com/1231024",
         },
         {
            category: "self",
            summary: "SUSE Bug 1234554",
            url: "https://bugzilla.suse.com/1234554",
         },
         {
            category: "self",
            summary: "SUSE Bug 1236301",
            url: "https://bugzilla.suse.com/1236301",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-3128 page",
            url: "https://www.suse.com/security/cve/CVE-2023-3128/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45337 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45337/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-6837 page",
            url: "https://www.suse.com/security/cve/CVE-2024-6837/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-8118 page",
            url: "https://www.suse.com/security/cve/CVE-2024-8118/",
         },
      ],
      title: "Security update for grafana",
      tracking: {
         current_release_date: "2025-02-14T07:24:15Z",
         generator: {
            date: "2025-02-14T07:24:15Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2025:0545-1",
         initial_release_date: "2025-02-14T07:24:15Z",
         revision_history: [
            {
               date: "2025-02-14T07:24:15Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150200.3.59.1.aarch64",
                        product: {
                           name: "grafana-10.4.13-150200.3.59.1.aarch64",
                           product_id: "grafana-10.4.13-150200.3.59.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150200.3.59.1.i586",
                        product: {
                           name: "grafana-10.4.13-150200.3.59.1.i586",
                           product_id: "grafana-10.4.13-150200.3.59.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150200.3.59.1.ppc64le",
                        product: {
                           name: "grafana-10.4.13-150200.3.59.1.ppc64le",
                           product_id: "grafana-10.4.13-150200.3.59.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150200.3.59.1.s390x",
                        product: {
                           name: "grafana-10.4.13-150200.3.59.1.s390x",
                           product_id: "grafana-10.4.13-150200.3.59.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.4.13-150200.3.59.1.x86_64",
                        product: {
                           name: "grafana-10.4.13-150200.3.59.1.x86_64",
                           product_id: "grafana-10.4.13-150200.3.59.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:packagehub:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.6",
                        product: {
                           name: "openSUSE Leap 15.6",
                           product_id: "openSUSE Leap 15.6",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.6",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.4.13-150200.3.59.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
            },
            product_reference: "grafana-10.4.13-150200.3.59.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-3128",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-3128",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-3128",
               url: "https://www.suse.com/security/cve/CVE-2023-3128",
            },
            {
               category: "external",
               summary: "SUSE Bug 1212641 for CVE-2023-3128",
               url: "https://bugzilla.suse.com/1212641",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.4,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:24:15Z",
               details: "critical",
            },
         ],
         title: "CVE-2023-3128",
      },
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:24:15Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
      {
         cve: "CVE-2024-45337",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45337",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45337",
               url: "https://www.suse.com/security/cve/CVE-2024-45337",
            },
            {
               category: "external",
               summary: "SUSE Bug 1234482 for CVE-2024-45337",
               url: "https://bugzilla.suse.com/1234482",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:24:15Z",
               details: "important",
            },
         ],
         title: "CVE-2024-45337",
      },
      {
         cve: "CVE-2024-6837",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-6837",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-6837",
               url: "https://www.suse.com/security/cve/CVE-2024-6837",
            },
            {
               category: "external",
               summary: "SUSE Bug 1236301 for CVE-2024-6837",
               url: "https://bugzilla.suse.com/1236301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:24:15Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-6837",
      },
      {
         cve: "CVE-2024-8118",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-8118",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
               "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-8118",
               url: "https://www.suse.com/security/cve/CVE-2024-8118",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231024 for CVE-2024-8118",
               url: "https://bugzilla.suse.com/1231024",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.13-150200.3.59.1.x86_64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.aarch64",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.ppc64le",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.s390x",
                  "openSUSE Leap 15.6:grafana-10.4.13-150200.3.59.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-02-14T07:24:15Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-8118",
      },
   ],
}

suse-su-2024:1419-1

Vulnerability from csaf_suse

Published

2024-04-24 09:04

Modified

2024-04-24 09:04

Summary

Security Beta update for SUSE Manager Client Tools

Notes

Title of the patch

Security Beta update for SUSE Manager Client Tools

Description of the patch

This update fixes the following issues: golang-github-prometheus-alertmanager: - Use %patch -P N instead of deprecated %patchN golang-github-prometheus-node_exporter: - Add `device_error` label for filesystem metrics. - Update rtnetlink library to fix errors during ARP metrics collection. - Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 - Update to 1.6.1: (no source code changes in this release) - BuildRequire go1.20 - Update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Enable uname collector on NetBSD #2559 * [FEATURE] NetBSD support for the meminfo collector #2570 * [FEATURE] NetBSD support for CPU collector #2626 * [FEATURE] Add FreeBSD collector for netisr subsystem #2668 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise @2554 * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD 2584 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637 * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663 - Change go_modules archive in _service to use obscpio file golang-github-prometheus-promu: - Don't pass -extldflags -static by default grafana: - Require Go 1.20 - Update to version 9.5.16: * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL - Update to version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors - Update to version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login - Update to version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin - Update to version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication - Update to version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling spacecmd: - Version 5.0.5-0 * Update translation strings spacewalk-client-tools: - Version 5.0.4-0 * Remove rhn-profile-sync rhn_register spacewalk-channel and spacewalk-update-status supportutils-plugin-susemanager-client: - Version 5.0.3-0 * Remove rhnsd from client actions and server backend uyuni-tools: - Version 0.1.7-0 * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration * Fix migration script using missing awk in migration image - Version 0.1.6-0 * Pull image from authenticated registry * Port 80 should be published to the port 80 of the containers. 8080 is squid * Autogenerate the database password * Add mgrctl term command * Fix --version flag * Deny uyuni to suma upgrade and viceversa * Refactor upgrade to clarify script end adding post upgrade script (bsc#1219887) * Add mgradm install podman arguments to define big volumes storage * k8s migration use same functions as upgrade * Allow to use images from RPM if present * Schedule a system list refresh after migrate if not runned before * Ignore error on optional flag * Fix migration of multiple autoinstallable distributions * Obsolete uyuni-proxy-systemd-service package by mgrpxy * Add GitHub workflow for checking changelog * Allow installation using --image image:tag * Add command to register Peripheral server to Hub * Add Node exporter (9100) and Taskomatic (9800) ports to the list of open TCP ports * Fix minimal administrator password length * Do not assume the current host is a cluster node when getting kubelet version * Add mgrpxy start, stop and restart commands * Remove shm size constraints on the server * Add mgrpxy and mgradm status commands * Use uninstall commands dry run by default to avoid unintended removals * Make first user mandatory at install time * Add inspect and upgrade command * Improve error handling when exec.Command is used * Start/Stop/Restart command with kubernetes - Version 0.1.5-0 * Install aardvark-dns if netavark is installed (bsc#1220371)

Patchnames

SUSE-2024-1419,SUSE-SLE-Manager-Tools-12-BETA-2024-1419

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security Beta update for SUSE Manager Client Tools",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update fixes the following issues:\n\ngolang-github-prometheus-alertmanager:\n\n- Use %patch -P N instead of deprecated %patchN\n\ngolang-github-prometheus-node_exporter:\n\n- Add `device_error` label for filesystem metrics.\n- Update rtnetlink library to fix errors during ARP metrics collection.\n- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):\n  * [FEATURE] Add ZFS freebsd per dataset stats #2753\n  * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721\n  * [ENHANCEMENT] Parallelize stat calls in Linux filesystem\n    collector #1772\n  * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711\n  * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric\n    #2778\n  * [ENHANCEMENT] Improve qdisc collector performance #2779\n  * [ENHANCEMENT] Add include and exclude filter for hwmon\n    collector #2699\n  * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead\n    of procfs #2777\n  * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754\n  * [BUGFIX] Fallback to 32-bit stats in netdev #2757\n  * [BUGFIX] Close btrfs.FS handle after use #2780\n  * [BUGFIX] Move RO status before error return #2807\n  * [BUFFIX] Fix promhttp_metric_handler_errors_total being always\n    active #2808\n  * [BUGFIX] Fix nfsd v4 index miss #2824\n- Update to 1.6.1:\n  (no source code changes in this release)\n- BuildRequire go1.20\n- Update to 1.6.0:\n  * [CHANGE] Fix cpustat when some cpus are offline #2318\n  * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605\n  * [CHANGE] Deprecate ntp collector #2603\n  * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583\n  * [CHANGE] Deprecate supervisord collector #2685\n  * [FEATURE] Enable uname collector on NetBSD #2559\n  * [FEATURE] NetBSD support for the meminfo collector #2570\n  * [FEATURE] NetBSD support for CPU collector #2626\n  * [FEATURE] Add FreeBSD collector for netisr subsystem #2668\n  * [FEATURE] Add softirqs collector #2669\n  * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449\n  * [ENHANCEMENT] Add administrative state of Linux network\n    interfaces #2515\n  * [ENHANCEMENT] Log current value of GOMAXPROCS #2537\n  * [ENHANCEMENT] Add profiler options for perf collector #2542\n  * [ENHANCEMENT] Allow root path as metrics path #2590\n  * [ENHANCEMENT] Add cpu frequency governor metrics #2569\n  * [ENHANCEMENT] Add new landing page #2622\n  * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634\n  * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687\n  * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612\n  * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669\n  * [BUGFIX] perf: fixes for automatically detecting the correct\n    tracefs mountpoints #2553\n  * [BUGFIX] Fix `thermal_zone` collector noise @2554\n  * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD\n    2584\n  * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631\n  * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605\n  * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637\n  * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in\n    OpenBSD #2663\n- Change go_modules archive in _service to use obscpio file\n\ngolang-github-prometheus-promu:\n\n- Don't pass -extldflags -static by default\n\ngrafana:\n\n- Require Go 1.20\n- Update to version 9.5.16:\n  * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n  * [BUGFIX] Annotations: Split cleanup into separate queries and\n    deletes to avoid deadlocks on MySQL\n- Update to version 9.5.15:\n  * [FEATURE] Alerting: Attempt to retry retryable errors\n- Update to version 9.5.14:\n  * [BUGFIX] Alerting: Fix state manager to not keep\n    datasource_uid and ref_id labels in state after Error\n  * [BUGFIX] Transformations: Config overrides being lost when\n    config from query transform is applied\n  * [BUGFIX] LDAP: Fix enable users on successfull login\n- Update to version 9.5.13:\n  * [BUGFIX] BrowseDashboards: Only remember the most recent\n    expanded folder\n  * [BUGFIX] Licensing: Pass func to update env variables when\n    starting plugin\n- Update to version 9.5.12:\n  * [FEATURE] Azure: Add support for Workload Identity\n    authentication\n- Update to version 9.5.9:\n  * [FEATURE] SSE: Fix DSNode to not panic when response has empty\n    response\n  * [FEATURE] Prometheus: Handle the response with different field\n    key order\n  * [BUGFIX] LDAP: Fix user disabling\n\nspacecmd:\n\n- Version 5.0.5-0\n  * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 5.0.4-0\n  * Remove rhn-profile-sync rhn_register spacewalk-channel and\n    spacewalk-update-status\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.3-0\n  * Remove rhnsd from client actions and server backend\n\nuyuni-tools:\n\n- Version 0.1.7-0\n  * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration\n  * Fix migration script using missing awk in migration image\n- Version 0.1.6-0\n  * Pull image from authenticated registry\n  * Port 80 should be published to the port 80 of the containers.\n    8080 is squid\n  * Autogenerate the database password\n  * Add mgrctl term command\n  * Fix --version flag\n  * Deny uyuni to suma upgrade and viceversa\n  * Refactor upgrade to clarify script end adding post upgrade\n    script (bsc#1219887)\n  * Add mgradm install podman arguments to define big volumes storage\n  * k8s migration use same functions as upgrade\n  * Allow to use images from RPM if present\n  * Schedule a system list refresh after migrate if not runned before\n  * Ignore error on optional flag\n  * Fix migration of multiple autoinstallable distributions\n  * Obsolete uyuni-proxy-systemd-service package by mgrpxy\n  * Add GitHub workflow for checking changelog\n  * Allow installation using --image image:tag\n  * Add command to register Peripheral server to Hub\n  * Add Node exporter (9100) and Taskomatic (9800) ports to the list\n    of open TCP ports\n  * Fix minimal administrator password length\n  * Do not assume the current host is a cluster node when getting\n    kubelet version\n  * Add mgrpxy start, stop and restart commands\n  * Remove shm size constraints on the server\n  * Add mgrpxy and mgradm status commands\n  * Use uninstall commands dry run by default to avoid unintended\n    removals\n  * Make first user mandatory at install time\n  * Add inspect and upgrade command\n  * Improve error handling when exec.Command is used\n  * Start/Stop/Restart command with kubernetes\n- Version 0.1.5-0\n  * Install aardvark-dns if netavark is installed (bsc#1220371)\n\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-1419,SUSE-SLE-Manager-Tools-12-BETA-2024-1419",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1419-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:1419-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241419-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:1419-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-April/035086.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219887",
            url: "https://bugzilla.suse.com/1219887",
         },
         {
            category: "self",
            summary: "SUSE Bug 1219912",
            url: "https://bugzilla.suse.com/1219912",
         },
         {
            category: "self",
            summary: "SUSE Bug 1220371",
            url: "https://bugzilla.suse.com/1220371",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
      ],
      title: "Security Beta update for SUSE Manager Client Tools",
      tracking: {
         current_release_date: "2024-04-24T09:04:12Z",
         generator: {
            date: "2024-04-24T09:04:12Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:1419-1",
         initial_release_date: "2024-04-24T09:04:12Z",
         revision_history: [
            {
               date: "2024-04-24T09:04:12Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
                           product_id: "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-4.27.1.aarch64",
                        product: {
                           name: "grafana-9.5.16-4.27.1.aarch64",
                           product_id: "grafana-9.5.16-4.27.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-3.8.1.aarch64",
                        product: {
                           name: "mgrctl-0.1.7-3.8.1.aarch64",
                           product_id: "mgrctl-0.1.7-3.8.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-3.21.1.aarch64",
                        product: {
                           name: "uyuni-base-common-5.0.2-3.21.1.aarch64",
                           product_id: "uyuni-base-common-5.0.2-3.21.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-3.21.1.aarch64",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-3.21.1.aarch64",
                           product_id: "uyuni-base-proxy-5.0.2-3.21.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
                        product: {
                           name: "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
                           product_id: "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
                        product: {
                           name: "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
                           product_id: "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-check-5.0.4-55.51.1.noarch",
                        product: {
                           name: "python2-spacewalk-check-5.0.4-55.51.1.noarch",
                           product_id: "python2-spacewalk-check-5.0.4-55.51.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
                        product: {
                           name: "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
                           product_id: "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
                        product: {
                           name: "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
                           product_id: "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacecmd-5.0.5-41.48.1.noarch",
                        product: {
                           name: "spacecmd-5.0.5-41.48.1.noarch",
                           product_id: "spacecmd-5.0.5-41.48.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-check-5.0.4-55.51.1.noarch",
                        product: {
                           name: "spacewalk-check-5.0.4-55.51.1.noarch",
                           product_id: "spacewalk-check-5.0.4-55.51.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-setup-5.0.4-55.51.1.noarch",
                        product: {
                           name: "spacewalk-client-setup-5.0.4-55.51.1.noarch",
                           product_id: "spacewalk-client-setup-5.0.4-55.51.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "spacewalk-client-tools-5.0.4-55.51.1.noarch",
                        product: {
                           name: "spacewalk-client-tools-5.0.4-55.51.1.noarch",
                           product_id: "spacewalk-client-tools-5.0.4-55.51.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
                        product: {
                           name: "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
                           product_id: "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
                           product_id: "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-4.27.1.ppc64le",
                        product: {
                           name: "grafana-9.5.16-4.27.1.ppc64le",
                           product_id: "grafana-9.5.16-4.27.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-3.8.1.ppc64le",
                        product: {
                           name: "mgrctl-0.1.7-3.8.1.ppc64le",
                           product_id: "mgrctl-0.1.7-3.8.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-3.21.1.ppc64le",
                        product: {
                           name: "uyuni-base-common-5.0.2-3.21.1.ppc64le",
                           product_id: "uyuni-base-common-5.0.2-3.21.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-3.21.1.ppc64le",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-3.21.1.ppc64le",
                           product_id: "uyuni-base-proxy-5.0.2-3.21.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
                           product_id: "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-4.27.1.s390x",
                        product: {
                           name: "grafana-9.5.16-4.27.1.s390x",
                           product_id: "grafana-9.5.16-4.27.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-3.8.1.s390x",
                        product: {
                           name: "mgrctl-0.1.7-3.8.1.s390x",
                           product_id: "mgrctl-0.1.7-3.8.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-3.21.1.s390x",
                        product: {
                           name: "uyuni-base-common-5.0.2-3.21.1.s390x",
                           product_id: "uyuni-base-common-5.0.2-3.21.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-3.21.1.s390x",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-3.21.1.s390x",
                           product_id: "uyuni-base-proxy-5.0.2-3.21.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
                        product: {
                           name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
                           product_id: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
                        product: {
                           name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
                           product_id: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
                        product: {
                           name: "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
                           product_id: "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "grafana-9.5.16-4.27.1.x86_64",
                        product: {
                           name: "grafana-9.5.16-4.27.1.x86_64",
                           product_id: "grafana-9.5.16-4.27.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "mgrctl-0.1.7-3.8.1.x86_64",
                        product: {
                           name: "mgrctl-0.1.7-3.8.1.x86_64",
                           product_id: "mgrctl-0.1.7-3.8.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-common-5.0.2-3.21.1.x86_64",
                        product: {
                           name: "uyuni-base-common-5.0.2-3.21.1.x86_64",
                           product_id: "uyuni-base-common-5.0.2-3.21.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "uyuni-base-proxy-5.0.2-3.21.1.x86_64",
                        product: {
                           name: "uyuni-base-proxy-5.0.2-3.21.1.x86_64",
                           product_id: "uyuni-base-proxy-5.0.2-3.21.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Manager Client Tools 12-BETA",
                        product: {
                           name: "SUSE Manager Client Tools 12-BETA",
                           product_id: "SUSE Manager Client Tools 12-BETA",
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
            },
            product_reference: "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
            },
            product_reference: "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-4.15.1.s390x as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
            },
            product_reference: "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-4.27.1.aarch64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
            },
            product_reference: "grafana-9.5.16-4.27.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-4.27.1.ppc64le as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
            },
            product_reference: "grafana-9.5.16-4.27.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-4.27.1.s390x as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
            },
            product_reference: "grafana-9.5.16-4.27.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-9.5.16-4.27.1.x86_64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
            },
            product_reference: "grafana-9.5.16-4.27.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-3.8.1.aarch64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
            },
            product_reference: "mgrctl-0.1.7-3.8.1.aarch64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-3.8.1.ppc64le as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
            },
            product_reference: "mgrctl-0.1.7-3.8.1.ppc64le",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-3.8.1.s390x as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
            },
            product_reference: "mgrctl-0.1.7-3.8.1.s390x",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-0.1.7-3.8.1.x86_64 as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
            },
            product_reference: "mgrctl-0.1.7-3.8.1.x86_64",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-bash-completion-0.1.7-3.8.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
            },
            product_reference: "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mgrctl-zsh-completion-0.1.7-3.8.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
            },
            product_reference: "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-check-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
            },
            product_reference: "python2-spacewalk-check-5.0.4-55.51.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
            },
            product_reference: "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
            },
            product_reference: "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacecmd-5.0.5-41.48.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
            },
            product_reference: "spacecmd-5.0.5-41.48.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-check-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
            },
            product_reference: "spacewalk-check-5.0.4-55.51.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-setup-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
            },
            product_reference: "spacewalk-client-setup-5.0.4-55.51.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "spacewalk-client-tools-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
            },
            product_reference: "spacewalk-client-tools-5.0.4-55.51.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch as component of SUSE Manager Client Tools 12-BETA",
               product_id: "SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
            },
            product_reference: "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
            relates_to_product_reference: "SUSE Manager Client Tools 12-BETA",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
               "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
               "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
               "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
               "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
               "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
               "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
               "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
               "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
               "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
               "SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
               "SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
               "SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
               "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
               "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
               "SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
               "SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
               "SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
               "SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
               "SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
                  "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
                  "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
                  "SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-04-24T09:04:12Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
   ],
}

opensuse-su-2024:13713-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

grafana-10.1.7-1.1 on GA media

Notes

Title of the patch

grafana-10.1.7-1.1 on GA media

Description of the patch

These are all security issues fixed in the grafana-10.1.7-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-13713

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "grafana-10.1.7-1.1 on GA media",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "These are all security issues fixed in the grafana-10.1.7-1.1 package on the GA media of openSUSE Tumbleweed.",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "openSUSE-Tumbleweed-2024-13713",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13713-1.json",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-6152 page",
            url: "https://www.suse.com/security/cve/CVE-2023-6152/",
         },
      ],
      title: "grafana-10.1.7-1.1 on GA media",
      tracking: {
         current_release_date: "2024-06-15T00:00:00Z",
         generator: {
            date: "2024-06-15T00:00:00Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "openSUSE-SU-2024:13713-1",
         initial_release_date: "2024-06-15T00:00:00Z",
         revision_history: [
            {
               date: "2024-06-15T00:00:00Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.1.7-1.1.aarch64",
                        product: {
                           name: "grafana-10.1.7-1.1.aarch64",
                           product_id: "grafana-10.1.7-1.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.1.7-1.1.ppc64le",
                        product: {
                           name: "grafana-10.1.7-1.1.ppc64le",
                           product_id: "grafana-10.1.7-1.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.1.7-1.1.s390x",
                        product: {
                           name: "grafana-10.1.7-1.1.s390x",
                           product_id: "grafana-10.1.7-1.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "grafana-10.1.7-1.1.x86_64",
                        product: {
                           name: "grafana-10.1.7-1.1.x86_64",
                           product_id: "grafana-10.1.7-1.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "openSUSE Tumbleweed",
                        product: {
                           name: "openSUSE Tumbleweed",
                           product_id: "openSUSE Tumbleweed",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:tumbleweed",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.1.7-1.1.aarch64 as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
            },
            product_reference: "grafana-10.1.7-1.1.aarch64",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.1.7-1.1.ppc64le as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
            },
            product_reference: "grafana-10.1.7-1.1.ppc64le",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.1.7-1.1.s390x as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
            },
            product_reference: "grafana-10.1.7-1.1.s390x",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "grafana-10.1.7-1.1.x86_64 as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64",
            },
            product_reference: "grafana-10.1.7-1.1.x86_64",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
               "openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
               "openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
               "openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-6152",
               url: "https://www.suse.com/security/cve/CVE-2023-6152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219912 for CVE-2023-6152",
               url: "https://bugzilla.suse.com/1219912",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
                  "openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-06-15T00:00:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-6152",
      },
   ],
}

ghsa-3hv4-r2fm-h27f

Vulnerability from github

Published

2024-02-13 22:25

Modified

2025-02-18 22:29

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Summary

Email Validation Bypass And Preventing Sign Up From Email's Owner

Details

Summary

Email validation can easily be bypassed because verify_email_enabled option enable email validation at sign up only. A user changing it's email after signing up (and verifying it) can change it without verification in /profile. This can be used to prevent legitimate owner of the email address from signing up.

Another way to prevent email's owner from signing up is by setting Username as an email: When a new user is registrering, they can set two different email addresses in the Email and Username field, technically having 2 email addresses (because Grafana handles usernames and emails the same in some situations), but only the former is validated.

Here user a prevents owner of bar@example.com to signup.

Details

I don't know exact location but this is related to PUT /api/user handler.

PoC

Bypass email validation: * Start a new grafana instance using latest version * Sign up with email foo@example. * Login to that account. * Go to profile and change email to bar@example.com * That's it, your using an email you don't own.

Prevent email's owner from signing up: * Start a new grafana instance using latest version * Sign up with email foo@example. * Login to that account. * Go to profile and change username (not email) to bar@example.com * Signout. * Try to sign up with email b@example.com * Warning popup "User with same email address already exists"

K6 script (with verify_email_enabled set to false): ```js import { check, group } from "k6" import http from "k6/http"

export const options = { scenarios: { perVuIter: { executor: 'per-vu-iterations', vus: 1, iterations: 1 } } }

const GRAFANA_URL = __ENV.GRAFANA_URL || "http://localhost:3000"

export default function () { group("create user_a with email foo@example.com", () => { const response = http.post(${GRAFANA_URL}/api/user/signup/step2, JSON.stringify({ "email": "foo@example.com", "password": "password" }), { headers: { 'Content-Type': "application/json" } })

check(response, {
  'status code is 200': (r) => r.status == 200
})

})

group("change user_a login to bar@example.com", () => { const response = http.put(${GRAFANA_URL}/api/user, JSON.stringify({ "email": "foo@example.com", "login": "bar@example.com", // user_b email. }), { headers: { 'Content-Type': "application/json" } })

check(response, {
  'status code is 200': (r) => r.status == 200
})

})

http.cookieJar().clear(GRAFANA_URL)

group("create user_b with email bar@example.com", () => { const response = http.post(${GRAFANA_URL}/api/user/signup/step2, JSON.stringify({ "email": "bar@example.com", "username": "bar@example.com", "password": "password" }), { headers: { 'Content-Type': "application/json" } })

check(response, {
  'status code is 200': (r) => r.status == 200 // fail
})

}) } ```

Impact

Bypass email verification. Prevent legitimate owner from signing up.

Show details on source website

JSON

To clipboard

{
   affected: [
      {
         package: {
            ecosystem: "Go",
            name: "github.com/grafana/grafana",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "2.5.0",
                  },
                  {
                     fixed: "9.5.16",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
      {
         package: {
            ecosystem: "Go",
            name: "github.com/grafana/grafana",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "10.0.0",
                  },
                  {
                     fixed: "10.0.11",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
      {
         package: {
            ecosystem: "Go",
            name: "github.com/grafana/grafana",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "10.1.0",
                  },
                  {
                     fixed: "10.1.7",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
      {
         package: {
            ecosystem: "Go",
            name: "github.com/grafana/grafana",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "10.2.0",
                  },
                  {
                     fixed: "10.2.4",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
      {
         package: {
            ecosystem: "Go",
            name: "github.com/grafana/grafana",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "10.3.0",
                  },
                  {
                     fixed: "10.3.3",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
   ],
   aliases: [
      "CVE-2023-6152",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-863",
      ],
      github_reviewed: true,
      github_reviewed_at: "2024-02-13T22:25:10Z",
      nvd_published_at: "2024-02-13T22:15:45Z",
      severity: "MODERATE",
   },
   details: "### Summary\nEmail validation can easily be bypassed because `verify_email_enabled` option enable email validation at sign up only.\nA user changing it's email after signing up (and verifying it) can change it without verification in `/profile`.\nThis can be used to prevent legitimate owner of the email address from signing up.\n\nAnother way to prevent email's owner from signing up is by setting Username as an email:\nWhen a new user is registrering, they can set two different email addresses in the Email and Username field, technically having 2 email addresses (because Grafana handles usernames and emails the same in some situations), but only the former is validated.\n\n![](https://user-images.githubusercontent.com/44581623/282073913-c1a8c20b-b6c3-46eb-840c-9e0dae718a2a.png)\n\nHere user a prevents owner of bar@example.com to signup.\n\n### Details\nI don't know exact location but this is related to PUT /api/user handler.\n\n### PoC\nBypass email validation:\n* Start a new grafana instance using latest version\n* Sign up with email foo@example.\n* Login to that account.\n* Go to profile and change email to  bar@example.com\n* That's it, your using an email you don't own.\n\nPrevent email's owner from signing up:\n* Start a new grafana instance using latest version\n* Sign up with email foo@example.\n* Login to that account.\n* Go to profile and change username (not email) to [bar@example.com](mailto:bar@example.com)\n* Signout.\n* Try to sign up with email [b@example.com](mailto:b@example.com)\n* Warning popup \"User with same email address already exists\"\n\nK6 script (with `verify_email_enabled` set to `false`):\n```js\nimport { check, group } from \"k6\"\nimport http from \"k6/http\"\n\nexport const options = {\n  scenarios: {\n    perVuIter: {\n      executor: 'per-vu-iterations',\n      vus: 1,\n      iterations: 1\n    }\n  }\n}\n\nconst GRAFANA_URL = __ENV.GRAFANA_URL || \"http://localhost:3000\"\n\nexport default function () {\n  group(\"create user_a with email foo@example.com\", () => {\n    const response = http.post(`${GRAFANA_URL}/api/user/signup/step2`, JSON.stringify({\n      \"email\": \"foo@example.com\",\n      \"password\": \"password\"\n    }), {\n      headers: {\n        'Content-Type': \"application/json\"\n      }\n    })\n\n    check(response, {\n      'status code is 200': (r) => r.status == 200\n    })\n  })\n\n  group(\"change user_a login to bar@example.com\", () => {\n    const response = http.put(`${GRAFANA_URL}/api/user`, JSON.stringify({\n      \"email\": \"foo@example.com\",\n      \"login\": \"bar@example.com\", // user_b email.\n    }), {\n      headers: {\n        'Content-Type': \"application/json\"\n      }\n    })\n\n    check(response, {\n      'status code is 200': (r) => r.status == 200\n    })\n  })\n\n  http.cookieJar().clear(GRAFANA_URL)\n\n  group(\"create user_b with email bar@example.com\", () => {\n    const response = http.post(`${GRAFANA_URL}/api/user/signup/step2`, JSON.stringify({\n      \"email\": \"bar@example.com\",\n      \"username\": \"bar@example.com\",\n      \"password\": \"password\"\n    }), {\n      headers: {\n        'Content-Type': \"application/json\"\n      }\n    })\n\n    check(response, {\n      'status code is 200': (r) => r.status == 200 // fail\n    })\n  })\n}\n```\n\n### Impact\nBypass email verification.\nPrevent legitimate owner from signing up.",
   id: "GHSA-3hv4-r2fm-h27f",
   modified: "2025-02-18T22:29:35Z",
   published: "2024-02-13T22:25:10Z",
   references: [
      {
         type: "WEB",
         url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
      },
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2023-6152",
      },
      {
         type: "PACKAGE",
         url: "https://github.com/grafana/grafana",
      },
      {
         type: "WEB",
         url: "https://grafana.com/security/security-advisories/cve-2023-6152",
      },
      {
         type: "WEB",
         url: "https://security.netapp.com/advisory/ntap-20250214-0008",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
         type: "CVSS_V3",
      },
   ],
   summary: "Email Validation Bypass And Preventing Sign Up From Email's Owner",
}

wid-sec-w-2024-0358

Vulnerability from csaf_certbund

Published

2024-02-13 23:00

Modified

2024-06-24 22:00

Summary

Grafana: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Grafana ist eine Open-Source Analyse- und Visualisierungssoftware.

Angriff

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Grafana ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Linux - UNIX

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Grafana ist eine Open-Source Analyse- und Visualisierungssoftware.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Grafana ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- UNIX",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-0358 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0358.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-0358 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0358",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2024-02-13",
            url: "https://github.com/advisories/GHSA-3hv4-r2fm-h27f",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1427-1 vom 2024-04-24",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018418.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1419-1 vom 2024-04-24",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018419.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1509-1 vom 2024-05-06",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018463.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1508-1 vom 2024-05-06",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018464.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1530-1 vom 2024-05-06",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018454.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1530-2 vom 2024-06-24",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018810.html",
         },
      ],
      source_lang: "en-US",
      title: "Grafana: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen",
      tracking: {
         current_release_date: "2024-06-24T22:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:05:08.724+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2024-0358",
         initial_release_date: "2024-02-13T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-02-13T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-04-24T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-05-06T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-06-24T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von SUSE aufgenommen",
            },
         ],
         status: "final",
         version: "4",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<9.5.16",
                        product: {
                           name: "Open Source Grafana <9.5.16",
                           product_id: "T032761",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.0.11",
                        product: {
                           name: "Open Source Grafana <10.0.11",
                           product_id: "T032762",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.1.7",
                        product: {
                           name: "Open Source Grafana <10.1.7",
                           product_id: "T032763",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.2.4",
                        product: {
                           name: "Open Source Grafana <10.2.4",
                           product_id: "T032764",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.3.3",
                        product: {
                           name: "Open Source Grafana <10.3.3",
                           product_id: "T032765",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Grafana",
               },
            ],
            category: "vendor",
            name: "Open Source",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Grafana. Dieser Fehler besteht in der Option verify_email_enabled aufgrund einer falschen Autorisierung, die es erlaubt, die E-Mail-Adresse ohne Überprüfung in /profile zu ändern. Dies kann dazu verwendet werden, den rechtmäßigen Besitzer der E-Mail-Adresse daran zu hindern, sich anzumelden. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um die E-Mail-Validierung zu umgehen und so Sicherheitsmaßnahmen zu umgehen.",
            },
         ],
         product_status: {
            known_affected: [
               "T002207",
            ],
         },
         release_date: "2024-02-13T23:00:00.000+00:00",
         title: "CVE-2023-6152",
      },
   ],
}

WID-SEC-W-2024-0358

Vulnerability from csaf_certbund

Published

2024-02-13 23:00

Modified

2024-06-24 22:00

Summary

Grafana: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Notes

Produktbeschreibung

Grafana ist eine Open-Source Analyse- und Visualisierungssoftware.

Angriff

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Grafana ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Linux - UNIX

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Grafana ist eine Open-Source Analyse- und Visualisierungssoftware.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Grafana ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- UNIX",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-0358 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0358.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-0358 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0358",
         },
         {
            category: "external",
            summary: "GitHub Advisory Database vom 2024-02-13",
            url: "https://github.com/advisories/GHSA-3hv4-r2fm-h27f",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1427-1 vom 2024-04-24",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018418.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1419-1 vom 2024-04-24",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018419.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1509-1 vom 2024-05-06",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018463.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1508-1 vom 2024-05-06",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018464.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1530-1 vom 2024-05-06",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018454.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:1530-2 vom 2024-06-24",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018810.html",
         },
      ],
      source_lang: "en-US",
      title: "Grafana: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen",
      tracking: {
         current_release_date: "2024-06-24T22:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:05:08.724+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2024-0358",
         initial_release_date: "2024-02-13T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-02-13T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-04-24T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-05-06T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-06-24T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von SUSE aufgenommen",
            },
         ],
         status: "final",
         version: "4",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<9.5.16",
                        product: {
                           name: "Open Source Grafana <9.5.16",
                           product_id: "T032761",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.0.11",
                        product: {
                           name: "Open Source Grafana <10.0.11",
                           product_id: "T032762",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.1.7",
                        product: {
                           name: "Open Source Grafana <10.1.7",
                           product_id: "T032763",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.2.4",
                        product: {
                           name: "Open Source Grafana <10.2.4",
                           product_id: "T032764",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<10.3.3",
                        product: {
                           name: "Open Source Grafana <10.3.3",
                           product_id: "T032765",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Grafana",
               },
            ],
            category: "vendor",
            name: "Open Source",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-6152",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Grafana. Dieser Fehler besteht in der Option verify_email_enabled aufgrund einer falschen Autorisierung, die es erlaubt, die E-Mail-Adresse ohne Überprüfung in /profile zu ändern. Dies kann dazu verwendet werden, den rechtmäßigen Besitzer der E-Mail-Adresse daran zu hindern, sich anzumelden. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um die E-Mail-Validierung zu umgehen und so Sicherheitsmaßnahmen zu umgehen.",
            },
         ],
         product_status: {
            known_affected: [
               "T002207",
            ],
         },
         release_date: "2024-02-13T23:00:00.000+00:00",
         title: "CVE-2023-6152",
      },
   ],
}

gsd-2023-6152

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-6152

Aliases

CVE-2023-6152

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2023-6152",
      id: "GSD-2023-6152",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2023-6152",
         ],
         details: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
         id: "GSD-2023-6152",
         modified: "2023-12-13T01:20:32.774255Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "security@grafana.com",
            ID: "CVE-2023-6152",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "Grafana",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "2.5.0",
                                       version_value: "9.5.16",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "10.0.11",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.1.0",
                                       version_value: "10.1.7",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.2.0",
                                       version_value: "10.2.4",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.3.0",
                                       version_value: "10.3.3",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "Grafana Enterprise",
                              version: {
                                 version_data: [
                                    {
                                       version_affected: "<",
                                       version_name: "2.5.0",
                                       version_value: "9.5.16",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.0.0",
                                       version_value: "10.0.11",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.1.0",
                                       version_value: "10.1.7",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.2.0",
                                       version_value: "10.2.4",
                                    },
                                    {
                                       version_affected: "<",
                                       version_name: "10.3.0",
                                       version_value: "10.3.3",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "Grafana",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               },
            ],
         },
         impact: {
            cvss: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        cweId: "CWE-863",
                        lang: "eng",
                        value: "CWE-863",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://grafana.com/security/security-advisories/cve-2023-6152/",
                  refsource: "MISC",
                  url: "https://grafana.com/security/security-advisories/cve-2023-6152/",
               },
               {
                  name: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
                  refsource: "MISC",
                  url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         cve: {
            descriptions: [
               {
                  lang: "en",
                  value: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
               },
            ],
            id: "CVE-2023-6152",
            lastModified: "2024-02-14T13:59:35.580",
            metrics: {
               cvssMetricV31: [
                  {
                     cvssData: {
                        attackComplexity: "LOW",
                        attackVector: "NETWORK",
                        availabilityImpact: "LOW",
                        baseScore: 5.4,
                        baseSeverity: "MEDIUM",
                        confidentialityImpact: "NONE",
                        integrityImpact: "LOW",
                        privilegesRequired: "LOW",
                        scope: "UNCHANGED",
                        userInteraction: "NONE",
                        vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                        version: "3.1",
                     },
                     exploitabilityScore: 2.8,
                     impactScore: 2.5,
                     source: "security@grafana.com",
                     type: "Secondary",
                  },
               ],
            },
            published: "2024-02-13T22:15:45.430",
            references: [
               {
                  source: "security@grafana.com",
                  url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
               },
               {
                  source: "security@grafana.com",
                  url: "https://grafana.com/security/security-advisories/cve-2023-6152/",
               },
            ],
            sourceIdentifier: "security@grafana.com",
            vulnStatus: "Awaiting Analysis",
            weaknesses: [
               {
                  description: [
                     {
                        lang: "en",
                        value: "CWE-863",
                     },
                  ],
                  source: "security@grafana.com",
                  type: "Secondary",
               },
            ],
         },
      },
   },
}

fkie_cve-2023-6152

Vulnerability from fkie_nvd

Published

2024-02-13 22:15

Modified

2025-02-15 01:15

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Summary

References

URL	Tags
security@grafana.com	https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f	Exploit, Vendor Advisory
security@grafana.com	https://grafana.com/security/security-advisories/cve-2023-6152/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://grafana.com/security/security-advisories/cve-2023-6152/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20250214-0008/

Impacted products

Vendor	Product	Version
grafana	grafana	*
grafana	grafana	10.0.0
grafana	grafana	10.1.0
grafana	grafana	10.2.0
grafana	grafana	10.3.0

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1B0912A-B5CC-42BE-93D4-0A501A0245FA",
                     versionEndIncluding: "2.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB81DBAE-551A-41FD-BFB5-325C9E0BCA10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A61A884-885C-4961-8263-682CC9EDBCE8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F6206EA-DB68-4409-A694-74F47D6879D4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
      },
      {
         lang: "es",
         value: "Un usuario que cambia su correo electrónico después de registrarse y verificarlo puede cambiarlo sin verificación en la configuración del perfil. La opción de configuración \"verify_email_enabled\" solo validará el correo electrónico al registrarse.",
      },
   ],
   id: "CVE-2023-6152",
   lastModified: "2025-02-15T01:15:09.723",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "security@grafana.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-02-13T22:15:45.430",
   references: [
      {
         source: "security@grafana.com",
         tags: [
            "Exploit",
            "Vendor Advisory",
         ],
         url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
      },
      {
         source: "security@grafana.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://grafana.com/security/security-advisories/cve-2023-6152/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Vendor Advisory",
         ],
         url: "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://grafana.com/security/security-advisories/cve-2023-6152/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.netapp.com/advisory/ntap-20250214-0008/",
      },
   ],
   sourceIdentifier: "security@grafana.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "security@grafana.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from cvelistv5

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_opensuse

Vulnerability from github

Summary

Details

PoC

Impact

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from gsd

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature