Vulnerability from csaf_suse
Published
2024-02-15 13:35
Modified
2024-02-15 13:35
Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-lusitaniae-apache_exporter:
- Do not strip if SUSE Linux Enterprise 15 SP3
- Exclude debug for Red Hat Enterprise Linux >= 8
- Build with Go >= 1.20 when the OS is not Red Hat Enterprise Linux
golang-github-prometheus-alertmanager:
- Create position independent executables (PIE)
- Add System/Monitoring group tag
- Update to version 0.26.0 (jsc#PED-7353):
https://github.com/prometheus/alertmanager/releases/tag/v0.26.0
* CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint
in the Alertmanager UI (bsc#1218838)
* Configuration: Fix empty list of receivers and inhibit_rules
would cause the alertmanager to crash
* Templating: Fixed a race condition when using the title
function. It is now race-safe
* API: Fixed duplicate receiver names in the api/v2/receivers API
endpoint
* API: Attempting to delete a silence now returns the correct
status code, 404 instead of 500
* Clustering: Fixes a panic when tls_client_config is empty
* Webhook: url is now marked as a secret. It will no longer show
up in the logs as clear-text
* Metrics: New label reason for
alertmanager_notifications_failed_total metric to indicate the
type of error of the alert delivery
* Clustering: New flag --cluster.label, to help to block any
traffic that is not meant for the cluster
* Integrations: Add Microsoft Teams as a supported integration
- Update to version 0.25.0:
https://github.com/prometheus/alertmanager/releases/tag/v0.25.0
* Fail configuration loading if api_key and api_key_file are
defined at the same time
* Fix the alertmanager_alerts metric to avoid counting resolved
alerts as active. Also added a new alertmanager_marked_alerts
metric that retain the old behavior
* Trim contents of Slack API URLs when reading from files
* amtool: Avoid panic when the label value matcher is empty
* Fail configuration loading if api_url is empty for OpsGenie
* Fix email template for resolved notifications
* Add proxy_url support for OAuth2 in HTTP client configuration
* Reload TLS certificate and key from disk when updated
* Add Discord integration
* Add Webex integration
* Add min_version support to select the minimum TLS version in
HTTP client configuration
* Add max_version support to select the maximum TLS version in
* Emit warning logs when truncating messages in notifications
* Support HEAD method for the /-/healty and /-/ready endpoints
* Add support for reading global and local SMTP passwords from
files
* UI: Add 'Link' button to alerts in list
* UI: Allow to choose the first day of the week as Sunday or
Monday
- Update to version 0.24.0:
https://github.com/prometheus/alertmanager/releases/tag/v0.24.0
* Fix HTTP client configuration for the SNS receiver
* Fix unclosed file descriptor after reading the silences
snapshot file
* Fix field names for mute_time_intervals in JSON marshaling
* Ensure that the root route doesn't have any matchers
* Truncate the message's title to 1024 chars to avoid hitting
Slack limits
* Fix the default HTML email template (email.default.html) to
match with the canonical source
* Detect SNS FIFO topic based on the rendered value
* Avoid deleting and recreating a silence when an update is
possible
* api/v2: Return 200 OK when deleting an expired silence
* amtool: Fix the silence's end date when adding a silence. The
end date is (start date + duration) while it used to be
(current time + duration). The new behavior is consistent with
the update operation
* Add the /api/v2 prefix to all endpoints in the OpenAPI
specification and generated client code
* Add --cluster.tls-config experimental flag to secure cluster
traffic via mutual TLS
* Add Telegram integration
mgr-daemon:
- Version 4.3.8-1
* Update translation strings
prometheus-postgres_exporter:
- Remove duplicated call to systemd requirements
- Do not build debug if Red Hat Enterprise Linux >= 8
- Do not strip if SUSE Linux Enterprise 15 SP3
- Build at least with with Go >= 1.18 on Red Hat Enterprise Linux
- Build with Go >= 1.20 elsewhere
spacecmd:
- Version 4.3.26-1
* Update translation strings
spacewalk-client-tools:
- Version 4.3.18-1
* Update translation strings
Patchnames
SUSE-2024-486,SUSE-SLE-Manager-Tools-12-2024-486
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Client Tools", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Exclude debug for Red Hat Enterprise Linux >= 8\n- Build with Go >= 1.20 when the OS is not Red Hat Enterprise Linux\n\ngolang-github-prometheus-alertmanager:\n\n- Create position independent executables (PIE)\n- Add System/Monitoring group tag\n- Update to version 0.26.0 (jsc#PED-7353):\n https://github.com/prometheus/alertmanager/releases/tag/v0.26.0\n * CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint\n in the Alertmanager UI (bsc#1218838)\n * Configuration: Fix empty list of receivers and inhibit_rules\n would cause the alertmanager to crash\n * Templating: Fixed a race condition when using the title\n function. It is now race-safe\n * API: Fixed duplicate receiver names in the api/v2/receivers API\n endpoint\n * API: Attempting to delete a silence now returns the correct\n status code, 404 instead of 500\n * Clustering: Fixes a panic when tls_client_config is empty\n * Webhook: url is now marked as a secret. It will no longer show\n up in the logs as clear-text\n * Metrics: New label reason for\n alertmanager_notifications_failed_total metric to indicate the\n type of error of the alert delivery\n * Clustering: New flag --cluster.label, to help to block any\n traffic that is not meant for the cluster\n * Integrations: Add Microsoft Teams as a supported integration\n- Update to version 0.25.0:\n https://github.com/prometheus/alertmanager/releases/tag/v0.25.0\n * Fail configuration loading if api_key and api_key_file are\n defined at the same time\n * Fix the alertmanager_alerts metric to avoid counting resolved\n alerts as active. Also added a new alertmanager_marked_alerts\n metric that retain the old behavior\n * Trim contents of Slack API URLs when reading from files\n * amtool: Avoid panic when the label value matcher is empty\n * Fail configuration loading if api_url is empty for OpsGenie\n * Fix email template for resolved notifications\n * Add proxy_url support for OAuth2 in HTTP client configuration\n * Reload TLS certificate and key from disk when updated\n * Add Discord integration\n * Add Webex integration\n * Add min_version support to select the minimum TLS version in\n HTTP client configuration\n * Add max_version support to select the maximum TLS version in\n * Emit warning logs when truncating messages in notifications\n * Support HEAD method for the /-/healty and /-/ready endpoints\n * Add support for reading global and local SMTP passwords from\n files\n * UI: Add 'Link' button to alerts in list\n * UI: Allow to choose the first day of the week as Sunday or\n Monday\n- Update to version 0.24.0:\n https://github.com/prometheus/alertmanager/releases/tag/v0.24.0\n * Fix HTTP client configuration for the SNS receiver\n * Fix unclosed file descriptor after reading the silences\n snapshot file\n * Fix field names for mute_time_intervals in JSON marshaling\n * Ensure that the root route doesn't have any matchers\n * Truncate the message's title to 1024 chars to avoid hitting\n Slack limits\n * Fix the default HTML email template (email.default.html) to\n match with the canonical source\n * Detect SNS FIFO topic based on the rendered value\n * Avoid deleting and recreating a silence when an update is\n possible\n * api/v2: Return 200 OK when deleting an expired silence\n * amtool: Fix the silence's end date when adding a silence. The\n end date is (start date + duration) while it used to be\n (current time + duration). The new behavior is consistent with\n the update operation\n * Add the /api/v2 prefix to all endpoints in the OpenAPI\n specification and generated client code\n * Add --cluster.tls-config experimental flag to secure cluster\n traffic via mutual TLS\n * Add Telegram integration\n\nmgr-daemon:\n\n- Version 4.3.8-1\n * Update translation strings\n\nprometheus-postgres_exporter:\n\n- Remove duplicated call to systemd requirements\n- Do not build debug if Red Hat Enterprise Linux >= 8\n- Do not strip if SUSE Linux Enterprise 15 SP3\n- Build at least with with Go >= 1.18 on Red Hat Enterprise Linux\n- Build with Go >= 1.20 elsewhere\n\nspacecmd:\n\n- Version 4.3.26-1\n * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 4.3.18-1\n * Update translation strings\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-486,SUSE-SLE-Manager-Tools-12-2024-486", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0486-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:0486-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20240486-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:0486-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html", }, { category: "self", summary: "SUSE Bug 1192154", url: "https://bugzilla.suse.com/1192154", }, { category: "self", summary: "SUSE Bug 1192696", url: "https://bugzilla.suse.com/1192696", }, { category: "self", summary: "SUSE Bug 1193492", url: "https://bugzilla.suse.com/1193492", }, { category: "self", summary: "SUSE Bug 1193686", url: "https://bugzilla.suse.com/1193686", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1204023", url: "https://bugzilla.suse.com/1204023", }, { category: "self", summary: "SUSE Bug 1218838", url: "https://bugzilla.suse.com/1218838", }, { category: "self", summary: "SUSE Bug 1218843", url: "https://bugzilla.suse.com/1218843", }, { category: "self", summary: "SUSE Bug 1218844", url: "https://bugzilla.suse.com/1218844", }, { category: "self", summary: "SUSE CVE CVE-2020-7753 page", url: "https://www.suse.com/security/cve/CVE-2020-7753/", }, { category: "self", summary: "SUSE CVE CVE-2021-3807 page", url: "https://www.suse.com/security/cve/CVE-2021-3807/", }, { category: "self", summary: "SUSE CVE CVE-2021-3918 page", url: "https://www.suse.com/security/cve/CVE-2021-3918/", }, { category: "self", summary: "SUSE CVE CVE-2021-43138 page", url: "https://www.suse.com/security/cve/CVE-2021-43138/", }, { category: "self", summary: "SUSE CVE CVE-2021-43798 page", url: "https://www.suse.com/security/cve/CVE-2021-43798/", }, { category: "self", summary: "SUSE CVE CVE-2021-43815 page", url: "https://www.suse.com/security/cve/CVE-2021-43815/", }, { category: "self", summary: "SUSE CVE CVE-2022-0155 page", url: "https://www.suse.com/security/cve/CVE-2022-0155/", }, { category: "self", summary: "SUSE CVE CVE-2022-41715 page", url: "https://www.suse.com/security/cve/CVE-2022-41715/", }, { category: "self", summary: "SUSE CVE CVE-2023-40577 page", url: "https://www.suse.com/security/cve/CVE-2023-40577/", }, ], title: "Security update for SUSE Manager Client Tools", tracking: { current_release_date: "2024-02-15T13:35:33Z", generator: { date: "2024-02-15T13:35:33Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:0486-1", initial_release_date: "2024-02-15T13:35:33Z", revision_history: [ { date: "2024-02-15T13:35:33Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", product: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", product_id: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", product: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", product_id: "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", }, }, { category: "product_version", name: "grafana-9.5.8-1.60.1.aarch64", product: { name: "grafana-9.5.8-1.60.1.aarch64", product_id: "grafana-9.5.8-1.60.1.aarch64", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", product: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", product_id: "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.i586", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.i586", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.i586", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.i586", product: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.i586", product_id: "golang-github-prometheus-prometheus-2.45.0-1.50.2.i586", }, }, { category: "product_version", name: "grafana-9.5.8-1.60.1.i586", product: { name: "grafana-9.5.8-1.60.1.i586", product_id: "grafana-9.5.8-1.60.1.i586", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-1.17.2.i586", product: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.i586", product_id: "prometheus-postgres_exporter-0.10.1-1.17.2.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "mgr-daemon-4.3.8-1.44.2.noarch", product: { name: "mgr-daemon-4.3.8-1.44.2.noarch", product_id: "mgr-daemon-4.3.8-1.44.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-check-4.3.18-52.95.2.noarch", product: { name: "python2-spacewalk-check-4.3.18-52.95.2.noarch", product_id: "python2-spacewalk-check-4.3.18-52.95.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", product: { name: "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", product_id: "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", product: { name: "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", product_id: "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", }, }, { category: "product_version", name: "spacecmd-4.3.26-38.136.2.noarch", product: { name: "spacecmd-4.3.26-38.136.2.noarch", product_id: "spacecmd-4.3.26-38.136.2.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.3.18-52.95.2.noarch", product: { name: "spacewalk-check-4.3.18-52.95.2.noarch", product_id: "spacewalk-check-4.3.18-52.95.2.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.3.18-52.95.2.noarch", product: { name: "spacewalk-client-setup-4.3.18-52.95.2.noarch", product_id: "spacewalk-client-setup-4.3.18-52.95.2.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.3.18-52.95.2.noarch", product: { name: "spacewalk-client-tools-4.3.18-52.95.2.noarch", product_id: "spacewalk-client-tools-4.3.18-52.95.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", product: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", product_id: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", product: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", product_id: "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", }, }, { category: "product_version", name: "grafana-9.5.8-1.60.1.ppc64le", product: { name: "grafana-9.5.8-1.60.1.ppc64le", product_id: "grafana-9.5.8-1.60.1.ppc64le", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", product: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", product_id: "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", product: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", product_id: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", product: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", product_id: "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", }, }, { category: "product_version", name: "grafana-9.5.8-1.60.1.s390x", product: { name: "grafana-9.5.8-1.60.1.s390x", product_id: "grafana-9.5.8-1.60.1.s390x", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-1.17.2.s390x", product: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.s390x", product_id: "prometheus-postgres_exporter-0.10.1-1.17.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", product: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", product_id: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", product: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", product_id: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", product: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", product_id: "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", }, }, { category: "product_version", name: "grafana-9.5.8-1.60.1.x86_64", product: { name: "grafana-9.5.8-1.60.1.x86_64", product_id: "grafana-9.5.8-1.60.1.x86_64", }, }, { category: "product_version", name: "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", product: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", product_id: "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Client Tools 12", product: { name: "SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12", }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", }, product_reference: "golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", }, product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", }, product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", }, product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", }, product_reference: "golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", }, product_reference: "golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-1.60.1.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", }, product_reference: "grafana-9.5.8-1.60.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-1.60.1.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", }, product_reference: "grafana-9.5.8-1.60.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-1.60.1.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", }, product_reference: "grafana-9.5.8-1.60.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "grafana-9.5.8-1.60.1.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", }, product_reference: "grafana-9.5.8-1.60.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.3.8-1.44.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", }, product_reference: "mgr-daemon-4.3.8-1.44.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", }, product_reference: "prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", }, product_reference: "prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", }, product_reference: "prometheus-postgres_exporter-0.10.1-1.17.2.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", }, product_reference: "prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", }, product_reference: "python2-spacewalk-check-4.3.18-52.95.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", }, product_reference: "python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", }, product_reference: "python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.3.26-38.136.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", }, product_reference: "spacecmd-4.3.26-38.136.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", }, product_reference: "spacewalk-check-4.3.18-52.95.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", }, product_reference: "spacewalk-client-setup-4.3.18-52.95.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.3.18-52.95.2.noarch as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", }, product_reference: "spacewalk-client-tools-4.3.18-52.95.2.noarch", relates_to_product_reference: "SUSE Manager Client Tools 12", }, ], }, vulnerabilities: [ { cve: "CVE-2020-7753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-7753", }, ], notes: [ { category: "general", text: "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-7753", url: "https://www.suse.com/security/cve/CVE-2020-7753", }, { category: "external", summary: "SUSE Bug 1218843 for CVE-2020-7753", url: "https://bugzilla.suse.com/1218843", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "important", }, ], title: "CVE-2020-7753", }, { cve: "CVE-2021-3807", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3807", }, ], notes: [ { category: "general", text: "ansi-regex is vulnerable to Inefficient Regular Expression Complexity", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3807", url: "https://www.suse.com/security/cve/CVE-2021-3807", }, { category: "external", summary: "SUSE Bug 1192154 for CVE-2021-3807", url: "https://bugzilla.suse.com/1192154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "important", }, ], title: "CVE-2021-3807", }, { cve: "CVE-2021-3918", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3918", }, ], notes: [ { category: "general", text: "json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-3918", url: "https://www.suse.com/security/cve/CVE-2021-3918", }, { category: "external", summary: "SUSE Bug 1192696 for CVE-2021-3918", url: "https://bugzilla.suse.com/1192696", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "important", }, ], title: "CVE-2021-3918", }, { cve: "CVE-2021-43138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43138", }, ], notes: [ { category: "general", text: "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43138", url: "https://www.suse.com/security/cve/CVE-2021-43138", }, { category: "external", summary: "SUSE Bug 1200480 for CVE-2021-43138", url: "https://bugzilla.suse.com/1200480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "important", }, ], title: "CVE-2021-43138", }, { cve: "CVE-2021-43798", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43798", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43798", url: "https://www.suse.com/security/cve/CVE-2021-43798", }, { category: "external", summary: "SUSE Bug 1193492 for CVE-2021-43798", url: "https://bugzilla.suse.com/1193492", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "important", }, ], title: "CVE-2021-43798", }, { cve: "CVE-2021-43815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43815", }, ], notes: [ { category: "general", text: "Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is limited in scope, and only allows access to files with the extension .csv to authenticated users only. Grafana Cloud instances have not been affected by the vulnerability. Versions 8.3.2 and 7.5.12 contain a patch for this issue. There is a workaround available for users who cannot upgrade. Running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. The proxy will have to also be able to handle url encoded paths.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43815", url: "https://www.suse.com/security/cve/CVE-2021-43815", }, { category: "external", summary: "SUSE Bug 1193686 for CVE-2021-43815", url: "https://bugzilla.suse.com/1193686", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "moderate", }, ], title: "CVE-2021-43815", }, { cve: "CVE-2022-0155", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0155", }, ], notes: [ { category: "general", text: "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-0155", url: "https://www.suse.com/security/cve/CVE-2022-0155", }, { category: "external", summary: "SUSE Bug 1218844 for CVE-2022-0155", url: "https://bugzilla.suse.com/1218844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "moderate", }, ], title: "CVE-2022-0155", }, { cve: "CVE-2022-41715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-41715", }, ], notes: [ { category: "general", text: "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-41715", url: "https://www.suse.com/security/cve/CVE-2022-41715", }, { category: "external", summary: "SUSE Bug 1204023 for CVE-2022-41715", url: "https://bugzilla.suse.com/1204023", }, { category: "external", summary: "SUSE Bug 1208441 for CVE-2022-41715", url: "https://bugzilla.suse.com/1208441", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "moderate", }, ], title: "CVE-2022-41715", }, { cve: "CVE-2023-40577", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-40577", }, ], notes: [ { category: "general", text: "Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-40577", url: "https://www.suse.com/security/cve/CVE-2023-40577", }, { category: "external", summary: "SUSE Bug 1218838 for CVE-2023-40577", url: "https://bugzilla.suse.com/1218838", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.aarch64", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.s390x", "SUSE Manager Client Tools 12:golang-github-lusitaniae-apache_exporter-1.0.0-1.21.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-alertmanager-0.26.0-1.24.2.x86_64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.aarch64", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.ppc64le", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.s390x", "SUSE Manager Client Tools 12:golang-github-prometheus-prometheus-2.45.0-1.50.2.x86_64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.aarch64", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.ppc64le", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.s390x", "SUSE Manager Client Tools 12:grafana-9.5.8-1.60.1.x86_64", "SUSE Manager Client Tools 12:mgr-daemon-4.3.8-1.44.2.noarch", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.aarch64", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.ppc64le", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.s390x", "SUSE Manager Client Tools 12:prometheus-postgres_exporter-0.10.1-1.17.2.x86_64", "SUSE Manager Client Tools 12:python2-spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:python2-spacewalk-client-tools-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacecmd-4.3.26-38.136.2.noarch", "SUSE Manager Client Tools 12:spacewalk-check-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-setup-4.3.18-52.95.2.noarch", "SUSE Manager Client Tools 12:spacewalk-client-tools-4.3.18-52.95.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-15T13:35:33Z", details: "important", }, ], title: "CVE-2023-40577", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.