Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-3415 (GCVE-0-2025-3415)
Vulnerability from cvelistv5
Published
2025-07-17 10:13
Modified
2025-07-17 14:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission.
Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3415",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T14:05:03.257904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T14:05:19.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Grafana",
"vendor": "Grafana",
"versions": [
{
"lessThan": "10.4.19+security-01",
"status": "affected",
"version": "10.4.x",
"versionType": "semver"
},
{
"lessThan": "11.2.10+security-01",
"status": "affected",
"version": "11.2.x",
"versionType": "semver"
},
{
"lessThan": "11.3.7+security-01",
"status": "affected",
"version": "11.3.x",
"versionType": "semver"
},
{
"lessThan": "11.4.5+security-01",
"status": "affected",
"version": "11.4.x",
"versionType": "semver"
},
{
"lessThan": "11.5.5+security-01",
"status": "affected",
"version": "11.5.x",
"versionType": "semver"
},
{
"lessThan": "11.6.2+security-01",
"status": "affected",
"version": "11.6.x",
"versionType": "semver"
},
{
"lessThan": "12.0.1+security-01",
"status": "affected",
"version": "12.0.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Saurabh Banawar"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \u003cbr\u003eFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01"
}
],
"value": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"other": {
"content": {
"Automatable": "No",
"Exploitation": "None",
"Technical Impact": "None",
"Value Density": "Diffused"
},
"type": "SSVCv2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T10:30:00.918Z",
"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
"shortName": "GRAFANA"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://grafana.com/security/security-advisories/cve-2025-3415"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
"assignerShortName": "GRAFANA",
"cveId": "CVE-2025-3415",
"datePublished": "2025-07-17T10:13:14.717Z",
"dateReserved": "2025-04-07T14:28:18.797Z",
"dateUpdated": "2025-07-17T14:05:19.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-3415\",\"sourceIdentifier\":\"security@grafana.com\",\"published\":\"2025-07-17T11:15:22.240\",\"lastModified\":\"2025-07-17T21:15:50.197\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \\nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"https://grafana.com/security/security-advisories/cve-2025-3415\",\"source\":\"security@grafana.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-3415\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-17T14:05:03.257904Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-17T14:05:09.376Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Saurabh Banawar\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"other\": {\"type\": \"SSVCv2.0\", \"content\": {\"Automatable\": \"No\", \"Exploitation\": \"None\", \"Value Density\": \"Diffused\", \"Technical Impact\": \"None\"}}}], \"affected\": [{\"vendor\": \"Grafana\", \"product\": \"Grafana\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.4.x\", \"lessThan\": \"10.4.19+security-01\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"11.2.x\", \"lessThan\": \"11.2.10+security-01\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"11.3.x\", \"lessThan\": \"11.3.7+security-01\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"11.4.x\", \"lessThan\": \"11.4.5+security-01\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"11.5.x\", \"lessThan\": \"11.5.5+security-01\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"11.6.x\", \"lessThan\": \"11.6.2+security-01\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"12.0.x\", \"lessThan\": \"12.0.1+security-01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://grafana.com/security/security-advisories/cve-2025-3415\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \\nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \u003cbr\u003eFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"shortName\": \"GRAFANA\", \"dateUpdated\": \"2025-07-17T10:30:00.918Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-3415\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-17T14:05:19.284Z\", \"dateReserved\": \"2025-04-07T14:28:18.797Z\", \"assignerOrgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"datePublished\": \"2025-07-17T10:13:14.717Z\", \"assignerShortName\": \"GRAFANA\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
suse-su-2025:3819-1
Vulnerability from csaf_suse
Published
2025-10-28 07:20
Modified
2025-10-28 07:20
Summary
Security update 5.1.1 for Multi-Linux Manager Client Tools
Notes
Title of the patch
Security update 5.1.1 for Multi-Linux Manager Client Tools
Description of the patch
This update fixes the following issues:
dracut-saltboot was updated from version 0.1 to version 1.0.0:
- Version 1.0.0 bugs fixed:
* Reboot on salt key timeout (bsc#1237495)
* Fixed parsing files with space in the name (bsc#1252100)
golang-github-prometheus-alertmanager was updated from version 0.26.0 to 0.28.1 to :
- Security issues fixed:
* CVE-2025-47908: Fixed a Denial of Service vulnerability (bsc#1247748)
- Version 0.28.1 changes and bugs fixed (jsc#PED-13285):
* Improved performance of inhibition rules when using Equal
labels.
* Improve the documentation on escaping in UTF-8 matchers.
* Update alertmanager_config_hash metric help to document the
hash is not cryptographically strong.
* Fixed panic in amtool when using --verbose.
* Fixed templating of channel field for Rocket.Chat.
* Fixed rocketchat_configs written as rocket_configs in docs.
* Fixed usage for --enable-feature flag.
* Trim whitespace from OpsGenie API Key.
* Fixed Jira project template not rendered when searching for
existing issues.
* Fixed subtle bug in JSON/YAML encoding of inhibition rules that
would cause Equal labels to be omitted.
* Fixed header for slack_configs in docs.
* Fixed weight and wrap of Microsoft Teams notifications.
- Version 0.28.0 changes and bugs fixed:
* Templating errors in the SNS integration now return an error.
* Adopt log/slog, drop go-kit/log.
* Added a new Microsoft Teams integration based on Flows.
* Added a new Rocket.Chat integration.
* Added a new Jira integration.
* Added support for GOMEMLIMIT, enable it via the feature flag
--enable-feature=auto-gomemlimit.
* Added support for GOMAXPROCS, enable it via the feature flag
--enable-feature=auto-gomaxprocs.
* Added support for limits of silences including the maximum number
of active and pending silences, and the maximum size per
silence (in bytes). You can use the flags
--silences.max-silences and --silences.max-silence-size-bytes
to set them accordingly.
* Muted alerts now show whether they are suppressed or not in
both the /api/v2/alerts endpoint and the Alertmanager UI.
- Version 0.27.0 changes and bugs fixed:
* API: Removal of all api/v1/ endpoints. These endpoints
now log and return a deprecation message and respond with a
status code of 410.
* UTF-8 Support: Introduction of support for any UTF-8
character as part of label names and matchers.
* Discord Integration: Enforce max length in message.
* Metrics: Introduced the experimental feature flag
--enable-feature=receiver-name-in-metrics to include the
receiver name.
* Metrics: Introduced a new gauge named
alertmanager_inhibition_rules that counts the number of
configured inhibition rules.
* Metrics: Introduced a new counter named
alertmanager_alerts_supressed_total that tracks muted alerts,
it contains a reason label to indicate the source of the mute.
* Discord Integration: Introduced support for webhook_url_file.
* Microsoft Teams Integration: Introduced support for
webhook_url_file.
* Microsoft Teams Integration: Added support for summary.
* Metrics: Notification metrics now support two new values for
the label reason, contextCanceled and contextDeadlineExceeded.
* Email Integration: Contents of auth_password_file are now
trimmed of prefixed and suffixed whitespace.
* amtool: Fixes the error scheme required for webhook url when
using amtool with --alertmanager.url.
* Mixin: Fixed AlertmanagerFailedToSendAlerts,
AlertmanagerClusterFailedToSendAlerts, and
AlertmanagerClusterFailedToSendAlerts to make sure they ignore
the reason label.
grafana was updated to from version 11.5.5 to 11.5.7:
- Security issues fixed:
* CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (bsc#1246735)
* CVE-2025-6197: Fixed open redirect in organization switching (bsc#1246736)
* CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)
- Other bugs fixed:
* Azure: Fixed legend formatting.
* Azure: Fixed resource name determination in template variable queries.
mgr-push was updated from version 5.1.3 to 5.1.4:
- Use absolute paths when invoking external commands
python-defusedxml:
- New package implemented at version 0.7.1
rhnlib was updated from version 5.1.2 to 5.1.3:
- Use more secure defusedxml parser (bsc#1227577)
spacecmd was updated from version 5.1.8 to 5.1.11:
- Version 5.1.11 changes and bugs fixed:
* Make spacecmd work with Python 3.12 and higher
* Call print statements properly in Python 3
- Version 5.1.10 changes and bugs fixed:
* Fixed use of renamed config parser class where the backward
compatible alias was dropped in latest python version
(bsc#1246586)
- Version 5.1.9 changes and bugs fixed:
* Fixed installation of python lib files on Ubuntu 24.04
spacewalk-client-tools was updated from version 5.1.6 to 5.1.7:
- Fixed syntax error in changelog
supportutils-plugin-susemanager-client was updated from version 5.1.3 to 5.1.4:
- Fixed syntax error in changelog
uyuni-tools was updated from version 5.1.15 to 5.1.20:
- Version 5.1.20 changes and bugs fixed:
* Added migration for server monitoring configuration (bsc#1247688)
- Version 5.1.19 changes and bugs fixed:
* Added a lowercase version of --logLevel (bsc#1243611)
* Stop executing scripts in temporary folder (bsc#1243704)
* support config: collect podman inspect for hub container (bsc#1245099)
* Use new dedicated path for Cobbler settings (bsc#1244027)
* Migrate custom auto installation snippets (bsc#1246320)
* Added SUSE Linux Enterprise 15 SP7 to buildin productmap
* Fixed loading product map from mgradm configuration file (bsc#1246068)
* Fixed channel override for distro copy
* Do not use sudo when running as a root user (bsc#1246882)
* Do not require backups to be at the same location for restoring (bsc#1246906)
* Fixed recomputing proxy images when installing a PTF or TEST (bsc#1246553)
* Added mgradm server rename to change the server FQDN (bsc#1229825)
* If no DB SSL CA parameter is given, use the other one (bsc#1245120)
* More fault tolerant mgradm stop (bsc#1243331)
* Backup systemd dropin directory too and create if missing
* Added 3rd party SSL options for upgrade and migration scenarios
* Do not consider stderr output of podman as an error (bsc#1247836)
* Restore SELinux contexts for restored backup volumes (bsc#1244127)
* Automatically get up-to-date systemid file on salt based proxy hosts (bsc#1246789)
* Bump the default image tag to 5.1.1
- Version 5.1.18 changes and bugs fixed:
* Updated translation strings
- Version 5.1.17 changes and bugs fixed:
* Upgrade of saline should use scale function (bsc#1246864)
- Version 5.1.16 changes and bugs fixed:
* Use database backup volume as temporary backup location (bsc#1246628)
Patchnames
SUSE-2025-3819,SUSE-MultiLinuxManagerTools-SLE-15-2025-3819,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-3819
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.1 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ndracut-saltboot was updated from version 0.1 to version 1.0.0:\n\n- Version 1.0.0 bugs fixed:\n \n * Reboot on salt key timeout (bsc#1237495)\n * Fixed parsing files with space in the name (bsc#1252100)\n\ngolang-github-prometheus-alertmanager was updated from version 0.26.0 to 0.28.1 to :\n\n- Security issues fixed:\n\n * CVE-2025-47908: Fixed a Denial of Service vulnerability (bsc#1247748)\n\n- Version 0.28.1 changes and bugs fixed (jsc#PED-13285):\n\n * Improved performance of inhibition rules when using Equal\n labels.\n * Improve the documentation on escaping in UTF-8 matchers.\n * Update alertmanager_config_hash metric help to document the\n hash is not cryptographically strong.\n * Fixed panic in amtool when using --verbose.\n * Fixed templating of channel field for Rocket.Chat.\n * Fixed rocketchat_configs written as rocket_configs in docs.\n * Fixed usage for --enable-feature flag.\n * Trim whitespace from OpsGenie API Key.\n * Fixed Jira project template not rendered when searching for\n existing issues.\n * Fixed subtle bug in JSON/YAML encoding of inhibition rules that\n would cause Equal labels to be omitted.\n * Fixed header for slack_configs in docs.\n * Fixed weight and wrap of Microsoft Teams notifications.\n \n- Version 0.28.0 changes and bugs fixed:\n\n * Templating errors in the SNS integration now return an error.\n * Adopt log/slog, drop go-kit/log.\n * Added a new Microsoft Teams integration based on Flows.\n * Added a new Rocket.Chat integration.\n * Added a new Jira integration.\n * Added support for GOMEMLIMIT, enable it via the feature flag\n --enable-feature=auto-gomemlimit.\n * Added support for GOMAXPROCS, enable it via the feature flag\n --enable-feature=auto-gomaxprocs.\n * Added support for limits of silences including the maximum number\n of active and pending silences, and the maximum size per\n silence (in bytes). You can use the flags\n --silences.max-silences and --silences.max-silence-size-bytes\n to set them accordingly.\n * Muted alerts now show whether they are suppressed or not in\n both the /api/v2/alerts endpoint and the Alertmanager UI.\n\n- Version 0.27.0 changes and bugs fixed:\n\n * API: Removal of all api/v1/ endpoints. These endpoints\n now log and return a deprecation message and respond with a\n status code of 410.\n * UTF-8 Support: Introduction of support for any UTF-8\n character as part of label names and matchers.\n * Discord Integration: Enforce max length in message.\n * Metrics: Introduced the experimental feature flag\n --enable-feature=receiver-name-in-metrics to include the\n receiver name.\n * Metrics: Introduced a new gauge named\n alertmanager_inhibition_rules that counts the number of\n configured inhibition rules.\n * Metrics: Introduced a new counter named\n alertmanager_alerts_supressed_total that tracks muted alerts,\n it contains a reason label to indicate the source of the mute.\n * Discord Integration: Introduced support for webhook_url_file.\n * Microsoft Teams Integration: Introduced support for\n webhook_url_file.\n * Microsoft Teams Integration: Added support for summary.\n * Metrics: Notification metrics now support two new values for\n the label reason, contextCanceled and contextDeadlineExceeded.\n * Email Integration: Contents of auth_password_file are now\n trimmed of prefixed and suffixed whitespace.\n * amtool: Fixes the error scheme required for webhook url when\n using amtool with --alertmanager.url.\n * Mixin: Fixed AlertmanagerFailedToSendAlerts,\n AlertmanagerClusterFailedToSendAlerts, and\n AlertmanagerClusterFailedToSendAlerts to make sure they ignore\n the reason label.\n\ngrafana was updated to from version 11.5.5 to 11.5.7:\n \n- Security issues fixed:\n\n * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (bsc#1246735)\n * CVE-2025-6197: Fixed open redirect in organization switching (bsc#1246736)\n * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)\n\n- Other bugs fixed:\n\n * Azure: Fixed legend formatting.\n * Azure: Fixed resource name determination in template variable queries.\n\nmgr-push was updated from version 5.1.3 to 5.1.4:\n\n- Use absolute paths when invoking external commands\n\npython-defusedxml:\n\n- New package implemented at version 0.7.1\n\nrhnlib was updated from version 5.1.2 to 5.1.3:\n\n- Use more secure defusedxml parser (bsc#1227577)\n\nspacecmd was updated from version 5.1.8 to 5.1.11:\n\n- Version 5.1.11 changes and bugs fixed:\n\n * Make spacecmd work with Python 3.12 and higher\n * Call print statements properly in Python 3\n\n- Version 5.1.10 changes and bugs fixed:\n\n * Fixed use of renamed config parser class where the backward\n compatible alias was dropped in latest python version\n (bsc#1246586)\n\n- Version 5.1.9 changes and bugs fixed:\n\n * Fixed installation of python lib files on Ubuntu 24.04\n\nspacewalk-client-tools was updated from version 5.1.6 to 5.1.7:\n\n- Fixed syntax error in changelog\n\nsupportutils-plugin-susemanager-client was updated from version 5.1.3 to 5.1.4:\n\n- Fixed syntax error in changelog\n\nuyuni-tools was updated from version 5.1.15 to 5.1.20:\n\n- Version 5.1.20 changes and bugs fixed:\n\n * Added migration for server monitoring configuration (bsc#1247688)\n\n- Version 5.1.19 changes and bugs fixed:\n\n * Added a lowercase version of --logLevel (bsc#1243611)\n * Stop executing scripts in temporary folder (bsc#1243704)\n * support config: collect podman inspect for hub container (bsc#1245099)\n * Use new dedicated path for Cobbler settings (bsc#1244027)\n * Migrate custom auto installation snippets (bsc#1246320)\n * Added SUSE Linux Enterprise 15 SP7 to buildin productmap\n * Fixed loading product map from mgradm configuration file (bsc#1246068)\n * Fixed channel override for distro copy\n * Do not use sudo when running as a root user (bsc#1246882)\n * Do not require backups to be at the same location for restoring (bsc#1246906)\n * Fixed recomputing proxy images when installing a PTF or TEST (bsc#1246553)\n * Added mgradm server rename to change the server FQDN (bsc#1229825)\n * If no DB SSL CA parameter is given, use the other one (bsc#1245120)\n * More fault tolerant mgradm stop (bsc#1243331)\n * Backup systemd dropin directory too and create if missing\n * Added 3rd party SSL options for upgrade and migration scenarios\n * Do not consider stderr output of podman as an error (bsc#1247836)\n * Restore SELinux contexts for restored backup volumes (bsc#1244127)\n * Automatically get up-to-date systemid file on salt based proxy hosts (bsc#1246789)\n * Bump the default image tag to 5.1.1\n\n- Version 5.1.18 changes and bugs fixed:\n\n * Updated translation strings\n \n- Version 5.1.17 changes and bugs fixed:\n\n * Upgrade of saline should use scale function (bsc#1246864)\n\n- Version 5.1.16 changes and bugs fixed:\n\n * Use database backup volume as temporary backup location (bsc#1246628)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3819,SUSE-MultiLinuxManagerTools-SLE-15-2025-3819,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-3819",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3819-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3819-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253819-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3819-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023070.html"
},
{
"category": "self",
"summary": "SUSE Bug 1019074",
"url": "https://bugzilla.suse.com/1019074"
},
{
"category": "self",
"summary": "SUSE Bug 1227577",
"url": "https://bugzilla.suse.com/1227577"
},
{
"category": "self",
"summary": "SUSE Bug 1229825",
"url": "https://bugzilla.suse.com/1229825"
},
{
"category": "self",
"summary": "SUSE Bug 1237495",
"url": "https://bugzilla.suse.com/1237495"
},
{
"category": "self",
"summary": "SUSE Bug 1243331",
"url": "https://bugzilla.suse.com/1243331"
},
{
"category": "self",
"summary": "SUSE Bug 1243611",
"url": "https://bugzilla.suse.com/1243611"
},
{
"category": "self",
"summary": "SUSE Bug 1243704",
"url": "https://bugzilla.suse.com/1243704"
},
{
"category": "self",
"summary": "SUSE Bug 1244027",
"url": "https://bugzilla.suse.com/1244027"
},
{
"category": "self",
"summary": "SUSE Bug 1244127",
"url": "https://bugzilla.suse.com/1244127"
},
{
"category": "self",
"summary": "SUSE Bug 1245099",
"url": "https://bugzilla.suse.com/1245099"
},
{
"category": "self",
"summary": "SUSE Bug 1245120",
"url": "https://bugzilla.suse.com/1245120"
},
{
"category": "self",
"summary": "SUSE Bug 1245302",
"url": "https://bugzilla.suse.com/1245302"
},
{
"category": "self",
"summary": "SUSE Bug 1246068",
"url": "https://bugzilla.suse.com/1246068"
},
{
"category": "self",
"summary": "SUSE Bug 1246320",
"url": "https://bugzilla.suse.com/1246320"
},
{
"category": "self",
"summary": "SUSE Bug 1246553",
"url": "https://bugzilla.suse.com/1246553"
},
{
"category": "self",
"summary": "SUSE Bug 1246586",
"url": "https://bugzilla.suse.com/1246586"
},
{
"category": "self",
"summary": "SUSE Bug 1246628",
"url": "https://bugzilla.suse.com/1246628"
},
{
"category": "self",
"summary": "SUSE Bug 1246735",
"url": "https://bugzilla.suse.com/1246735"
},
{
"category": "self",
"summary": "SUSE Bug 1246736",
"url": "https://bugzilla.suse.com/1246736"
},
{
"category": "self",
"summary": "SUSE Bug 1246789",
"url": "https://bugzilla.suse.com/1246789"
},
{
"category": "self",
"summary": "SUSE Bug 1246864",
"url": "https://bugzilla.suse.com/1246864"
},
{
"category": "self",
"summary": "SUSE Bug 1246882",
"url": "https://bugzilla.suse.com/1246882"
},
{
"category": "self",
"summary": "SUSE Bug 1246906",
"url": "https://bugzilla.suse.com/1246906"
},
{
"category": "self",
"summary": "SUSE Bug 1247688",
"url": "https://bugzilla.suse.com/1247688"
},
{
"category": "self",
"summary": "SUSE Bug 1247748",
"url": "https://bugzilla.suse.com/1247748"
},
{
"category": "self",
"summary": "SUSE Bug 1247836",
"url": "https://bugzilla.suse.com/1247836"
},
{
"category": "self",
"summary": "SUSE Bug 1252100",
"url": "https://bugzilla.suse.com/1252100"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6197 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6197/"
}
],
"title": "Security update 5.1.1 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-10-28T07:20:07Z",
"generator": {
"date": "2025-10-28T07:20:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3819-1",
"initial_release_date": "2025-10-28T07:20:07Z",
"revision_history": [
{
"date": "2025-10-28T07:20:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-150002.4.3.3.aarch64",
"product": {
"name": "grafana-11.5.7-150002.4.3.3.aarch64",
"product_id": "grafana-11.5.7-150002.4.3.3.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-150002.3.3.3.aarch64",
"product": {
"name": "mgrctl-5.1.20-150002.3.3.3.aarch64",
"product_id": "mgrctl-5.1.20-150002.3.3.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"product": {
"name": "dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"product_id": "dracut-saltboot-1.0.0-150002.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "mgr-push-5.1.4-150002.3.3.3.noarch",
"product": {
"name": "mgr-push-5.1.4-150002.3.3.3.noarch",
"product_id": "mgr-push-5.1.4-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"product_id": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"product": {
"name": "mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"product_id": "mgrctl-lang-5.1.20-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"product_id": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "python2-defusedxml-0.7.1-150002.1.3.2.noarch",
"product": {
"name": "python2-defusedxml-0.7.1-150002.1.3.2.noarch",
"product_id": "python2-defusedxml-0.7.1-150002.1.3.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"product": {
"name": "python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"product_id": "python3-defusedxml-0.7.1-150002.1.3.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"product": {
"name": "python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"product_id": "python3-mgr-push-5.1.4-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"product": {
"name": "python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"product_id": "python3-rhnlib-5.1.3-150002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"product": {
"name": "python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"product_id": "python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.1.11-150002.3.3.2.noarch",
"product": {
"name": "spacecmd-5.1.11-150002.3.3.2.noarch",
"product_id": "spacecmd-5.1.11-150002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"product": {
"name": "spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"product_id": "spacewalk-client-tools-5.1.7-150002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-150002.4.3.3.ppc64le",
"product": {
"name": "grafana-11.5.7-150002.4.3.3.ppc64le",
"product_id": "grafana-11.5.7-150002.4.3.3.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-150002.3.3.3.ppc64le",
"product": {
"name": "mgrctl-5.1.20-150002.3.3.3.ppc64le",
"product_id": "mgrctl-5.1.20-150002.3.3.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-150002.4.3.3.s390x",
"product": {
"name": "grafana-11.5.7-150002.4.3.3.s390x",
"product_id": "grafana-11.5.7-150002.4.3.3.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-150002.3.3.3.s390x",
"product": {
"name": "mgrctl-5.1.20-150002.3.3.3.s390x",
"product_id": "mgrctl-5.1.20-150002.3.3.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-150002.4.3.3.x86_64",
"product": {
"name": "grafana-11.5.7-150002.4.3.3.x86_64",
"product_id": "grafana-11.5.7-150002.4.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-150002.3.3.3.x86_64",
"product": {
"name": "mgrctl-5.1.20-150002.3.3.3.x86_64",
"product_id": "mgrctl-5.1.20-150002.3.3.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15"
}
},
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.0.0-150002.3.3.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch"
},
"product_reference": "dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-150002.4.3.3.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64"
},
"product_reference": "grafana-11.5.7-150002.4.3.3.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-150002.4.3.3.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le"
},
"product_reference": "grafana-11.5.7-150002.4.3.3.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-150002.4.3.3.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x"
},
"product_reference": "grafana-11.5.7-150002.4.3.3.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-150002.4.3.3.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64"
},
"product_reference": "grafana-11.5.7-150002.4.3.3.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.1.4-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch"
},
"product_reference": "mgr-push-5.1.4-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.20-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch"
},
"product_reference": "mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-defusedxml-0.7.1-150002.1.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch"
},
"product_reference": "python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-push-5.1.4-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch"
},
"product_reference": "python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rhnlib-5.1.3-150002.3.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch"
},
"product_reference": "python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch"
},
"product_reference": "python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.1.11-150002.3.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch"
},
"product_reference": "spacecmd-5.1.11-150002.3.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.1.7-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch"
},
"product_reference": "spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.0.0-150002.3.3.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch"
},
"product_reference": "dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.20-150002.3.3.3.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64"
},
"product_reference": "mgrctl-5.1.20-150002.3.3.3.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.20-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch"
},
"product_reference": "mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:20:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-47908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47908"
}
],
"notes": [
{
"category": "general",
"text": "Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47908",
"url": "https://www.suse.com/security/cve/CVE-2025-47908"
},
{
"category": "external",
"summary": "SUSE Bug 1247746 for CVE-2025-47908",
"url": "https://bugzilla.suse.com/1247746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:20:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-47908"
},
{
"cve": "CVE-2025-6023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6023"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.\n\nThe open redirect can be chained with path traversal vulnerabilities to achieve XSS.\n\nFixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6023",
"url": "https://www.suse.com/security/cve/CVE-2025-6023"
},
{
"category": "external",
"summary": "SUSE Bug 1246735 for CVE-2025-6023",
"url": "https://bugzilla.suse.com/1246735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:20:07Z",
"details": "important"
}
],
"title": "CVE-2025-6023"
},
{
"cve": "CVE-2025-6197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6197"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6197",
"url": "https://www.suse.com/security/cve/CVE-2025-6197"
},
{
"category": "external",
"summary": "SUSE Bug 1246736 for CVE-2025-6197",
"url": "https://bugzilla.suse.com/1246736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.7-150002.4.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-defusedxml-0.7.1-150002.1.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.4-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.3-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.11-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.7-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.4-150002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.0.0-150002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.20-150002.3.3.3.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.20-150002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.20-150002.3.3.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:20:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-6197"
}
]
}
suse-su-2025:3817-1
Vulnerability from csaf_suse
Published
2025-10-28 07:19
Modified
2025-10-28 07:19
Summary
Security update 5.1.1 for Multi-Linux Manager Client Tools
Notes
Title of the patch
Security update 5.1.1 for Multi-Linux Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-prometheus-alertmanager:
- Update to version 0.28.1 (jsc#PED-13285):
* Improved performance of inhibition rules when using Equal
labels.
* Improve the documentation on escaping in UTF-8 matchers.
* Update alertmanager_config_hash metric help to document the
hash is not cryptographically strong.
* Fix panic in amtool when using --verbose.
* Fix templating of channel field for Rocket.Chat.
* Fix rocketchat_configs written as rocket_configs in docs.
* Fix usage for --enable-feature flag.
* Trim whitespace from OpsGenie API Key.
* Fix Jira project template not rendered when searching for
existing issues.
* Fix subtle bug in JSON/YAML encoding of inhibition rules that
would cause Equal labels to be omitted.
* Fix header for slack_configs in docs.
* Fix weight and wrap of Microsoft Teams notifications.
- Upgrade to version 0.28.0:
* CVE-2025-47908: Bump github.com/rs/cors (bsc#1247748).
* Templating errors in the SNS integration now return an error.
* Adopt log/slog, drop go-kit/log.
* Add a new Microsoft Teams integration based on Flows.
* Add a new Rocket.Chat integration.
* Add a new Jira integration.
* Add support for GOMEMLIMIT, enable it via the feature flag
--enable-feature=auto-gomemlimit.
* Add support for GOMAXPROCS, enable it via the feature flag
--enable-feature=auto-gomaxprocs.
* Add support for limits of silences including the maximum number
of active and pending silences, and the maximum size per
silence (in bytes). You can use the flags
--silences.max-silences and --silences.max-silence-size-bytes
to set them accordingly.
* Muted alerts now show whether they are suppressed or not in
both the /api/v2/alerts endpoint and the Alertmanager UI.
- Upgrade to version 0.27.0:
* API: Removal of all api/v1/ endpoints. These endpoints
now log and return a deprecation message and respond with a
status code of 410.
* UTF-8 Support: Introduction of support for any UTF-8
character as part of label names and matchers.
* Discord Integration: Enforce max length in message.
* Metrics: Introduced the experimental feature flag
--enable-feature=receiver-name-in-metrics to include the
receiver name.
* Metrics: Introduced a new gauge named
alertmanager_inhibition_rules that counts the number of
configured inhibition rules.
* Metrics: Introduced a new counter named
alertmanager_alerts_supressed_total that tracks muted alerts,
it contains a reason label to indicate the source of the mute.
* Discord Integration: Introduced support for webhook_url_file.
* Microsoft Teams Integration: Introduced support for
webhook_url_file.
* Microsoft Teams Integration: Add support for summary.
* Metrics: Notification metrics now support two new values for
the label reason, contextCanceled and contextDeadlineExceeded.
* Email Integration: Contents of auth_password_file are now
trimmed of prefixed and suffixed whitespace.
* amtool: Fixes the error scheme required for webhook url when
using amtool with --alertmanager.url.
* Mixin: Fix AlertmanagerFailedToSendAlerts,
AlertmanagerClusterFailedToSendAlerts, and
AlertmanagerClusterFailedToSendAlerts to make sure they ignore
the reason label.
grafana:
- Update to version 11.5.7:
* Security:
CVE-2025-6023: Fix cross-site-scripting via scripted dashboards
(bsc#1246735)
CVE-2025-6197: Fix open redirect in organization switching
(bsc#1246736)
* Bug fixes:
Azure: Fix legend formatting.
Azure: Fix resource name determination in template variable
queries.
- Update to version 11.5.6:
CVE-2025-3415: Fix exposure of DingDing alerting integration
URL to Viewer level users (bsc#1245302)
mgr-push:
- Version 5.1.4-0
* Use absolute paths when invoking external commands
* Fix syntax error in changelog
python-defusedxml:
- Update to 0.6.0
* Increase test coverage.
* Add badges to README.
* Test on Python 3.7 stable and 3.8-dev
* Drop support for Python 3.4
* No longer pass *html* argument to XMLParse. It has been deprecated and
ignored for a long time. The DefusedXMLParser still takes a html argument.
A deprecation warning is issued when the argument is False and a TypeError
when it's True.
* defusedxml now fails early when pyexpat stdlib module is not available or
broken.
* defusedxml.ElementTree.__all__ now lists ParseError as public attribute.
* The defusedxml.ElementTree and defusedxml.cElementTree modules had a typo
and used XMLParse instead of XMLParser as an alias for DefusedXMLParser.
Both the old and fixed name are now available.
- Remove superfluous devel dependency for noarch package
- Fix source url.
- Update to 5.0
* Add compatibility with Python 3.6
* Drop support for Python 2.6, 3.1, 3.2, 3.3
* Fix lxml tests (XMLSyntaxError: Detected an entity reference loop)
- Implement single-spec version.
- Dummy changelog for bsc#1019074, FATE#322329
- Initial packaging.
rhnlib:
- Version 5.1.3-0
* Fix syntax error in changelog
* Use more secure defusedxml parser (bsc#1227577)
spacecmd:
- Version 5.1.11-0
* Make spacecmd work with Python 3.12 and higher
* Call print statements properly in Python 3
- Version 5.1.10-0
* Fix use of renamed config parser class where the backward
compatible alias was dropped in latest python version
(bsc#1246586)
- Version 5.1.9-0
* Fix installation of python lib files on Ubuntu 24.04
spacewalk-client-tools:
- Version 5.1.7-0
* Fix syntax error in changelog
supportutils-plugin-susemanager-client:
- Version 5.1.4-0
* Fix syntax error in changelog
uyuni-tools:
- version 5.1.20-0
* Add migration for server monitoring configuration (bsc#1247688)
- version 5.1.19-0
* Add a lowercase version of --logLevel (bsc#1243611)
* Stop executing scripts in temporary folder (bsc#1243704)
* support config: collect podman inspect for hub container
(bsc#1245099)
* Use new dedicated path for Cobbler settings (bsc#1244027)
* Migrate custom auto installation snippets (bsc#1246320)
* Add SUSE Linux Enterprise 15 SP7 to buildin productmap
* Fix loading product map from mgradm configuration file
(bsc#1246068)
* Fix channel override for distro copy
* Do not use sudo when running as a root user (bsc#1246882)
* Do not require backups to be at the same location for restoring
(bsc#1246906)
* Fix recomputing proxy images when installing a PTF or TEST
(bsc#1246553)
* Add mgradm server rename to change the server FQDN (bsc#1229825)
* If no DB SSL CA parameter is given, use the other one
(bsc#1245120)
* More fault tolerant mgradm stop (bsc#1243331)
* Backup systemd dropin directory too and create if missing
* Add 3rd party SSL options for upgrade and migration scenarios
* Do not consider stderr output of podman as an error
(bsc#1247836)
* Restore SELinux contexts for restored backup volumes
(bsc#1244127)
* Automatically get up-to-date systemid file on salt based proxy
hosts (bsc#1246789)
* Bump the default image tag to 5.1.1
- version 5.1.18-0
* Update translation strings
- version 5.1.17-0
* upgrade saline should use scale function (bsc#1246864)
- version 5.1.16-0
* Use database backup volume as temporary backup location
(bsc#1246628)
Patchnames
SUSE-2025-3817,SUSE-MultiLinuxManagerTools-SLE-12-2025-3817
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.1 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-prometheus-alertmanager:\n\n- Update to version 0.28.1 (jsc#PED-13285):\n * Improved performance of inhibition rules when using Equal\n labels.\n * Improve the documentation on escaping in UTF-8 matchers.\n * Update alertmanager_config_hash metric help to document the\n hash is not cryptographically strong.\n * Fix panic in amtool when using --verbose.\n * Fix templating of channel field for Rocket.Chat.\n * Fix rocketchat_configs written as rocket_configs in docs.\n * Fix usage for --enable-feature flag.\n * Trim whitespace from OpsGenie API Key.\n * Fix Jira project template not rendered when searching for\n existing issues.\n * Fix subtle bug in JSON/YAML encoding of inhibition rules that\n would cause Equal labels to be omitted.\n * Fix header for slack_configs in docs.\n * Fix weight and wrap of Microsoft Teams notifications.\n- Upgrade to version 0.28.0:\n * CVE-2025-47908: Bump github.com/rs/cors (bsc#1247748).\n * Templating errors in the SNS integration now return an error.\n * Adopt log/slog, drop go-kit/log.\n * Add a new Microsoft Teams integration based on Flows.\n * Add a new Rocket.Chat integration.\n * Add a new Jira integration.\n * Add support for GOMEMLIMIT, enable it via the feature flag\n --enable-feature=auto-gomemlimit.\n * Add support for GOMAXPROCS, enable it via the feature flag\n --enable-feature=auto-gomaxprocs.\n * Add support for limits of silences including the maximum number\n of active and pending silences, and the maximum size per\n silence (in bytes). You can use the flags\n --silences.max-silences and --silences.max-silence-size-bytes\n to set them accordingly.\n * Muted alerts now show whether they are suppressed or not in\n both the /api/v2/alerts endpoint and the Alertmanager UI.\n- Upgrade to version 0.27.0:\n * API: Removal of all api/v1/ endpoints. These endpoints\n now log and return a deprecation message and respond with a\n status code of 410.\n * UTF-8 Support: Introduction of support for any UTF-8\n character as part of label names and matchers.\n * Discord Integration: Enforce max length in message.\n * Metrics: Introduced the experimental feature flag\n --enable-feature=receiver-name-in-metrics to include the\n receiver name.\n * Metrics: Introduced a new gauge named\n alertmanager_inhibition_rules that counts the number of\n configured inhibition rules.\n * Metrics: Introduced a new counter named\n alertmanager_alerts_supressed_total that tracks muted alerts,\n it contains a reason label to indicate the source of the mute.\n * Discord Integration: Introduced support for webhook_url_file.\n * Microsoft Teams Integration: Introduced support for\n webhook_url_file.\n * Microsoft Teams Integration: Add support for summary.\n * Metrics: Notification metrics now support two new values for\n the label reason, contextCanceled and contextDeadlineExceeded.\n * Email Integration: Contents of auth_password_file are now\n trimmed of prefixed and suffixed whitespace.\n * amtool: Fixes the error scheme required for webhook url when\n using amtool with --alertmanager.url.\n * Mixin: Fix AlertmanagerFailedToSendAlerts,\n AlertmanagerClusterFailedToSendAlerts, and\n AlertmanagerClusterFailedToSendAlerts to make sure they ignore\n the reason label.\n\ngrafana:\n\n- Update to version 11.5.7:\n * Security:\n CVE-2025-6023: Fix cross-site-scripting via scripted dashboards\n (bsc#1246735)\n CVE-2025-6197: Fix open redirect in organization switching\n (bsc#1246736)\n * Bug fixes:\n Azure: Fix legend formatting.\n Azure: Fix resource name determination in template variable\n queries.\n- Update to version 11.5.6:\n CVE-2025-3415: Fix exposure of DingDing alerting integration\n URL to Viewer level users (bsc#1245302)\n\nmgr-push:\n\n- Version 5.1.4-0\n * Use absolute paths when invoking external commands\n * Fix syntax error in changelog\n\npython-defusedxml:\n\n- Update to 0.6.0\n * Increase test coverage.\n * Add badges to README.\n * Test on Python 3.7 stable and 3.8-dev\n * Drop support for Python 3.4\n * No longer pass *html* argument to XMLParse. It has been deprecated and\n ignored for a long time. The DefusedXMLParser still takes a html argument.\n A deprecation warning is issued when the argument is False and a TypeError\n when it\u0027s True.\n * defusedxml now fails early when pyexpat stdlib module is not available or\n broken.\n * defusedxml.ElementTree.__all__ now lists ParseError as public attribute.\n * The defusedxml.ElementTree and defusedxml.cElementTree modules had a typo\n and used XMLParse instead of XMLParser as an alias for DefusedXMLParser.\n Both the old and fixed name are now available.\n- Remove superfluous devel dependency for noarch package\n- Fix source url.\n- Update to 5.0\n * Add compatibility with Python 3.6\n * Drop support for Python 2.6, 3.1, 3.2, 3.3\n * Fix lxml tests (XMLSyntaxError: Detected an entity reference loop)\n- Implement single-spec version.\n- Dummy changelog for bsc#1019074, FATE#322329\n- Initial packaging.\n\nrhnlib:\n\n- Version 5.1.3-0\n * Fix syntax error in changelog\n * Use more secure defusedxml parser (bsc#1227577)\n\nspacecmd:\n\n- Version 5.1.11-0\n * Make spacecmd work with Python 3.12 and higher\n * Call print statements properly in Python 3\n- Version 5.1.10-0\n * Fix use of renamed config parser class where the backward\n compatible alias was dropped in latest python version\n (bsc#1246586)\n- Version 5.1.9-0\n * Fix installation of python lib files on Ubuntu 24.04\n\nspacewalk-client-tools:\n\n- Version 5.1.7-0\n * Fix syntax error in changelog\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.1.4-0\n * Fix syntax error in changelog\n\nuyuni-tools:\n\n- version 5.1.20-0\n * Add migration for server monitoring configuration (bsc#1247688)\n\n- version 5.1.19-0\n * Add a lowercase version of --logLevel (bsc#1243611)\n * Stop executing scripts in temporary folder (bsc#1243704)\n * support config: collect podman inspect for hub container\n (bsc#1245099)\n * Use new dedicated path for Cobbler settings (bsc#1244027)\n * Migrate custom auto installation snippets (bsc#1246320)\n * Add SUSE Linux Enterprise 15 SP7 to buildin productmap\n * Fix loading product map from mgradm configuration file\n (bsc#1246068)\n * Fix channel override for distro copy\n * Do not use sudo when running as a root user (bsc#1246882)\n * Do not require backups to be at the same location for restoring\n (bsc#1246906)\n * Fix recomputing proxy images when installing a PTF or TEST\n (bsc#1246553)\n * Add mgradm server rename to change the server FQDN (bsc#1229825)\n * If no DB SSL CA parameter is given, use the other one\n (bsc#1245120)\n * More fault tolerant mgradm stop (bsc#1243331)\n * Backup systemd dropin directory too and create if missing\n * Add 3rd party SSL options for upgrade and migration scenarios\n * Do not consider stderr output of podman as an error\n (bsc#1247836)\n * Restore SELinux contexts for restored backup volumes\n (bsc#1244127)\n * Automatically get up-to-date systemid file on salt based proxy\n hosts (bsc#1246789)\n * Bump the default image tag to 5.1.1\n\n- version 5.1.18-0\n * Update translation strings\n\n- version 5.1.17-0\n * upgrade saline should use scale function (bsc#1246864)\n\n- version 5.1.16-0\n * Use database backup volume as temporary backup location\n (bsc#1246628)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3817,SUSE-MultiLinuxManagerTools-SLE-12-2025-3817",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_3817-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:3817-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253817-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:3817-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023071.html"
},
{
"category": "self",
"summary": "SUSE Bug 1019074",
"url": "https://bugzilla.suse.com/1019074"
},
{
"category": "self",
"summary": "SUSE Bug 1227577",
"url": "https://bugzilla.suse.com/1227577"
},
{
"category": "self",
"summary": "SUSE Bug 1229825",
"url": "https://bugzilla.suse.com/1229825"
},
{
"category": "self",
"summary": "SUSE Bug 1243331",
"url": "https://bugzilla.suse.com/1243331"
},
{
"category": "self",
"summary": "SUSE Bug 1243611",
"url": "https://bugzilla.suse.com/1243611"
},
{
"category": "self",
"summary": "SUSE Bug 1243704",
"url": "https://bugzilla.suse.com/1243704"
},
{
"category": "self",
"summary": "SUSE Bug 1244027",
"url": "https://bugzilla.suse.com/1244027"
},
{
"category": "self",
"summary": "SUSE Bug 1244127",
"url": "https://bugzilla.suse.com/1244127"
},
{
"category": "self",
"summary": "SUSE Bug 1245099",
"url": "https://bugzilla.suse.com/1245099"
},
{
"category": "self",
"summary": "SUSE Bug 1245120",
"url": "https://bugzilla.suse.com/1245120"
},
{
"category": "self",
"summary": "SUSE Bug 1245302",
"url": "https://bugzilla.suse.com/1245302"
},
{
"category": "self",
"summary": "SUSE Bug 1246068",
"url": "https://bugzilla.suse.com/1246068"
},
{
"category": "self",
"summary": "SUSE Bug 1246320",
"url": "https://bugzilla.suse.com/1246320"
},
{
"category": "self",
"summary": "SUSE Bug 1246553",
"url": "https://bugzilla.suse.com/1246553"
},
{
"category": "self",
"summary": "SUSE Bug 1246586",
"url": "https://bugzilla.suse.com/1246586"
},
{
"category": "self",
"summary": "SUSE Bug 1246628",
"url": "https://bugzilla.suse.com/1246628"
},
{
"category": "self",
"summary": "SUSE Bug 1246735",
"url": "https://bugzilla.suse.com/1246735"
},
{
"category": "self",
"summary": "SUSE Bug 1246736",
"url": "https://bugzilla.suse.com/1246736"
},
{
"category": "self",
"summary": "SUSE Bug 1246789",
"url": "https://bugzilla.suse.com/1246789"
},
{
"category": "self",
"summary": "SUSE Bug 1246864",
"url": "https://bugzilla.suse.com/1246864"
},
{
"category": "self",
"summary": "SUSE Bug 1246882",
"url": "https://bugzilla.suse.com/1246882"
},
{
"category": "self",
"summary": "SUSE Bug 1246906",
"url": "https://bugzilla.suse.com/1246906"
},
{
"category": "self",
"summary": "SUSE Bug 1247688",
"url": "https://bugzilla.suse.com/1247688"
},
{
"category": "self",
"summary": "SUSE Bug 1247748",
"url": "https://bugzilla.suse.com/1247748"
},
{
"category": "self",
"summary": "SUSE Bug 1247836",
"url": "https://bugzilla.suse.com/1247836"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6197 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6197/"
}
],
"title": "Security update 5.1.1 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-10-28T07:19:09Z",
"generator": {
"date": "2025-10-28T07:19:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:3817-1",
"initial_release_date": "2025-10-28T07:19:09Z",
"revision_history": [
{
"date": "2025-10-28T07:19:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-120002.4.3.2.aarch64",
"product": {
"name": "grafana-11.5.7-120002.4.3.2.aarch64",
"product_id": "grafana-11.5.7-120002.4.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-120002.3.3.2.aarch64",
"product": {
"name": "mgrctl-5.1.20-120002.3.3.2.aarch64",
"product_id": "mgrctl-5.1.20-120002.3.3.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-push-5.1.4-120002.3.3.3.noarch",
"product": {
"name": "mgr-push-5.1.4-120002.3.3.3.noarch",
"product_id": "mgr-push-5.1.4-120002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.20-120002.3.3.2.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.20-120002.3.3.2.noarch",
"product_id": "mgrctl-bash-completion-5.1.20-120002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.20-120002.3.3.2.noarch",
"product": {
"name": "mgrctl-lang-5.1.20-120002.3.3.2.noarch",
"product_id": "mgrctl-lang-5.1.20-120002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.20-120002.3.3.2.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.20-120002.3.3.2.noarch",
"product_id": "mgrctl-zsh-completion-5.1.20-120002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "python-defusedxml-0.6.0-120002.1.3.1.noarch",
"product": {
"name": "python-defusedxml-0.6.0-120002.1.3.1.noarch",
"product_id": "python-defusedxml-0.6.0-120002.1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"product": {
"name": "python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"product_id": "python2-mgr-push-5.1.4-120002.3.3.3.noarch"
}
},
{
"category": "product_version",
"name": "python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"product": {
"name": "python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"product_id": "python2-rhnlib-5.1.3-120002.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"product": {
"name": "python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"product_id": "python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-defusedxml-0.6.0-120002.1.3.1.noarch",
"product": {
"name": "python3-defusedxml-0.6.0-120002.1.3.1.noarch",
"product_id": "python3-defusedxml-0.6.0-120002.1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.1.11-120002.3.3.2.noarch",
"product": {
"name": "spacecmd-5.1.11-120002.3.3.2.noarch",
"product_id": "spacecmd-5.1.11-120002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"product": {
"name": "spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"product_id": "spacewalk-client-tools-5.1.7-120002.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-120002.4.3.2.ppc64le",
"product": {
"name": "grafana-11.5.7-120002.4.3.2.ppc64le",
"product_id": "grafana-11.5.7-120002.4.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-120002.3.3.2.ppc64le",
"product": {
"name": "mgrctl-5.1.20-120002.3.3.2.ppc64le",
"product_id": "mgrctl-5.1.20-120002.3.3.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-120002.4.3.2.s390x",
"product": {
"name": "grafana-11.5.7-120002.4.3.2.s390x",
"product_id": "grafana-11.5.7-120002.4.3.2.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-120002.3.3.2.s390x",
"product": {
"name": "mgrctl-5.1.20-120002.3.3.2.s390x",
"product_id": "mgrctl-5.1.20-120002.3.3.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.7-120002.4.3.2.x86_64",
"product": {
"name": "grafana-11.5.7-120002.4.3.2.x86_64",
"product_id": "grafana-11.5.7-120002.4.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.20-120002.3.3.2.x86_64",
"product": {
"name": "mgrctl-5.1.20-120002.3.3.2.x86_64",
"product_id": "mgrctl-5.1.20-120002.3.3.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-120002.4.3.2.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64"
},
"product_reference": "grafana-11.5.7-120002.4.3.2.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-120002.4.3.2.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le"
},
"product_reference": "grafana-11.5.7-120002.4.3.2.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-120002.4.3.2.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x"
},
"product_reference": "grafana-11.5.7-120002.4.3.2.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.7-120002.4.3.2.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64"
},
"product_reference": "grafana-11.5.7-120002.4.3.2.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.1.4-120002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch"
},
"product_reference": "mgr-push-5.1.4-120002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-defusedxml-0.6.0-120002.1.3.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch"
},
"product_reference": "python-defusedxml-0.6.0-120002.1.3.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-mgr-push-5.1.4-120002.3.3.3.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch"
},
"product_reference": "python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-rhnlib-5.1.3-120002.3.3.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch"
},
"product_reference": "python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch"
},
"product_reference": "python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.1.11-120002.3.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch"
},
"product_reference": "spacecmd-5.1.11-120002.3.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.1.7-120002.3.3.2.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch"
},
"product_reference": "spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:19:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-47908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47908"
}
],
"notes": [
{
"category": "general",
"text": "Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47908",
"url": "https://www.suse.com/security/cve/CVE-2025-47908"
},
{
"category": "external",
"summary": "SUSE Bug 1247746 for CVE-2025-47908",
"url": "https://bugzilla.suse.com/1247746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:19:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-47908"
},
{
"cve": "CVE-2025-6023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6023"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.\n\nThe open redirect can be chained with path traversal vulnerabilities to achieve XSS.\n\nFixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6023",
"url": "https://www.suse.com/security/cve/CVE-2025-6023"
},
{
"category": "external",
"summary": "SUSE Bug 1246735 for CVE-2025-6023",
"url": "https://bugzilla.suse.com/1246735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:19:09Z",
"details": "important"
}
],
"title": "CVE-2025-6023"
},
{
"cve": "CVE-2025-6197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6197"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6197",
"url": "https://www.suse.com/security/cve/CVE-2025-6197"
},
{
"category": "external",
"summary": "SUSE Bug 1246736 for CVE-2025-6197",
"url": "https://bugzilla.suse.com/1246736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.7-120002.4.3.2.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python-defusedxml-0.6.0-120002.1.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.4-120002.3.3.3.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.3-120002.3.3.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.11-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.7-120002.3.3.2.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.4-120002.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-28T07:19:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-6197"
}
]
}
ghsa-46m5-8hpj-p5p5
Vulnerability from github
Published
2025-07-17 12:30
Modified
2025-07-22 21:27
Severity ?
VLAI Severity ?
Summary
Grafana's insecure DingDing Alert integration exposes sensitive information
Details
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/grafana/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.2-0.20250514160932-04111e9f2afd"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-3415"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-18T18:37:08Z",
"nvd_published_at": "2025-07-17T11:15:22Z",
"severity": "MODERATE"
},
"details": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01.",
"id": "GHSA-46m5-8hpj-p5p5",
"modified": "2025-07-22T21:27:05Z",
"published": "2025-07-17T12:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3415"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/04111e9f2afd95ea3e5b01865cc29d3fc1198e71"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/0adb869188fa2b9ae26efd424b94e17189538f29"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/19c912476d4f7a81e8a3562668bc38f31b909e18"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/4144c636d1a6d0b17fafcf7a2c40fa403542202a"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/4fc33647a8297d3a0aae04a5fcbac883ceb6a655"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/910eb1dd9e618014c6b1d2a99a431b99d4268c05"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/91327938626c9426e481e6294850af7b61415c98"
},
{
"type": "WEB",
"url": "https://github.com/grafana/grafana/commit/a78de30720b4f33c88d0c1a973e693ebf3831717"
},
{
"type": "PACKAGE",
"url": "https://github.com/grafana/grafana"
},
{
"type": "WEB",
"url": "https://grafana.com/security/security-advisories/cve-2025-3415"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Grafana\u0027s insecure DingDing Alert integration exposes sensitive information"
}
opensuse-su-2025:15226-1
Vulnerability from csaf_opensuse
Published
2025-07-03 00:00
Modified
2025-07-03 00:00
Summary
grafana-11.6.3-1.1 on GA media
Notes
Title of the patch
grafana-11.6.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the grafana-11.6.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15226
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "grafana-11.6.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the grafana-11.6.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15226",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15226-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
}
],
"title": "grafana-11.6.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15226-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.3-1.1.aarch64",
"product": {
"name": "grafana-11.6.3-1.1.aarch64",
"product_id": "grafana-11.6.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.3-1.1.ppc64le",
"product": {
"name": "grafana-11.6.3-1.1.ppc64le",
"product_id": "grafana-11.6.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.3-1.1.s390x",
"product": {
"name": "grafana-11.6.3-1.1.s390x",
"product_id": "grafana-11.6.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.3-1.1.x86_64",
"product": {
"name": "grafana-11.6.3-1.1.x86_64",
"product_id": "grafana-11.6.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64"
},
"product_reference": "grafana-11.6.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le"
},
"product_reference": "grafana-11.6.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x"
},
"product_reference": "grafana-11.6.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
},
"product_reference": "grafana-11.6.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-1088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1088"
}
],
"notes": [
{
"category": "general",
"text": "In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana.\nThis issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1088",
"url": "https://www.suse.com/security/cve/CVE-2025-1088"
},
{
"category": "external",
"summary": "SUSE Bug 1245224 for CVE-2025-1088",
"url": "https://bugzilla.suse.com/1245224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-1088"
},
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.3-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
}
]
}
opensuse-su-2025:15405-1
Vulnerability from csaf_opensuse
Published
2025-08-04 00:00
Modified
2025-08-04 00:00
Summary
govulncheck-vulndb-0.0.20250730T213748-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20250730T213748-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20250730T213748-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15405
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20250730T213748-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250730T213748-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15405",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15405-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56731 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32019 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3227 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3228 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-46702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-46702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47281 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-51471 page",
"url": "https://www.suse.com/security/cve/CVE-2025-51471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52477 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52893 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52902 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52904 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53633 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53826 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53893 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54059 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54379 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-5981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-5981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6032 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6224 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6224/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6226 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6227 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6233 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6264 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6624/"
}
],
"title": "govulncheck-vulndb-0.0.20250730T213748-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-04T00:00:00Z",
"generator": {
"date": "2025-08-04T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15405-1",
"initial_release_date": "2025-08-04T00:00:00Z",
"revision_history": [
{
"date": "2025-08-04T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20250730T213748-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-44905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44905"
}
],
"notes": [
{
"category": "general",
"text": "go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44905",
"url": "https://www.suse.com/security/cve/CVE-2024-44905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-44905"
},
{
"cve": "CVE-2024-44906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44906"
}
],
"notes": [
{
"category": "general",
"text": "uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go. The maintainer has stated that the issue is fixed in v1.2.15.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44906",
"url": "https://www.suse.com/security/cve/CVE-2024-44906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-44906"
},
{
"cve": "CVE-2024-56731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56731"
}
],
"notes": [
{
"category": "general",
"text": "Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it\u0027s still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users\u0027 code hosted on the same instance. This issue has been patched in version 0.13.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56731",
"url": "https://www.suse.com/security/cve/CVE-2024-56731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2024-56731"
},
{
"cve": "CVE-2025-0928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0928"
}
],
"notes": [
{
"category": "general",
"text": "In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or upgraded machines, potentially resulting in remote code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0928",
"url": "https://www.suse.com/security/cve/CVE-2025-0928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-0928"
},
{
"cve": "CVE-2025-1088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1088"
}
],
"notes": [
{
"category": "general",
"text": "In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana.\nThis issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1088",
"url": "https://www.suse.com/security/cve/CVE-2025-1088"
},
{
"category": "external",
"summary": "SUSE Bug 1245224 for CVE-2025-1088",
"url": "https://bugzilla.suse.com/1245224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-1088"
},
{
"cve": "CVE-2025-30086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30086"
}
],
"notes": [
{
"category": "general",
"text": "CNCF Harbor 2.13.x before 2.13.1 and 2.12.x before 2.12.4 allows information disclosure by administrators who can exploit an ORM Leak present in the /api/v2.0/users endpoint to leak users\u0027 password hash and salt values. The q URL parameter allows a user to filter users by any column, and filter password=~ could be abused to leak out a user\u0027s password hash character by character. An attacker with administrator access could exploit this to leak highly sensitive information stored in the Harbor database. All endpoints that support the q URL parameter are vulnerable to this ORM leak attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30086",
"url": "https://www.suse.com/security/cve/CVE-2025-30086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-30086"
},
{
"cve": "CVE-2025-32019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32019"
}
],
"notes": [
{
"category": "general",
"text": "Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed in versions 2.11.3 and 2.12.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32019",
"url": "https://www.suse.com/security/cve/CVE-2025-32019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-32019"
},
{
"cve": "CVE-2025-3227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3227"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.5, 9.11.x \u003c= 9.11.15, 10.8.x \u003c= 10.8.0, 10.7.x \u003c= 10.7.2, 10.6.x \u003c= 10.6.5 fail to properly enforce channel member management permissions in playbook runs, allowing authenticated users without the \u0027Manage Channel Members\u0027 permission to add or remove users from public and private channels by manipulating playbook run participants when the run is linked to a channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3227",
"url": "https://www.suse.com/security/cve/CVE-2025-3227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3227"
},
{
"cve": "CVE-2025-3228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3228"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.5, 9.11.x \u003c= 9.11.15, 10.8.x \u003c= 10.8.0, 10.7.x \u003c= 10.7.2, 10.6.x \u003c= 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3228",
"url": "https://www.suse.com/security/cve/CVE-2025-3228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3228"
},
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-4563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4563"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled, the controller properly validates resource claim statuses during pod status updates but fails to perform equivalent validation during pod creation. This allows a compromised node to create mirror pods that access unauthorized dynamic resources, potentially leading to privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4563",
"url": "https://www.suse.com/security/cve/CVE-2025-4563"
},
{
"category": "external",
"summary": "SUSE Bug 1245185 for CVE-2025-4563",
"url": "https://bugzilla.suse.com/1245185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-4563"
},
{
"cve": "CVE-2025-4656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4656"
}
],
"notes": [
{
"category": "general",
"text": "Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4656",
"url": "https://www.suse.com/security/cve/CVE-2025-4656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-4656"
},
{
"cve": "CVE-2025-46702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-46702"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.5, 9.11.x \u003c= 9.11.15, 10.8.x \u003c= 10.8.0, 10.7.x \u003c= 10.7.2, 10.6.x \u003c= 10.6.5 fail to properly enforce channel member management permissions when adding participants to playbook runs. This allows authenticated users with member-level permissions to bypass system admin restrictions and add or remove users to/from private channels via the playbook run participants feature, even when the \u0027Manage Members\u0027 permission has been explicitly removed. This can lead to unauthorized access to sensitive channel content and allow guest users to gain channel management privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-46702",
"url": "https://www.suse.com/security/cve/CVE-2025-46702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-46702"
},
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47281"
}
],
"notes": [
{
"category": "general",
"text": "Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service (DoS) vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the {{@}} variable combined with a pipe and an invalid JMESPath function (e.g., {{@ | non_existent_function }}). This leads to a nil value being substituted into the policy structure. Subsequent processing by internal functions, specifically getValueAsStringMap, which expect string values, results in a panic due to a type assertion failure (interface {} is nil, not string). This crashes Kyverno worker threads in the admission controller and causes continuous crashes of the reports controller pod. This is fixed in version 1.14.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47281",
"url": "https://www.suse.com/security/cve/CVE-2025-47281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47281"
},
{
"cve": "CVE-2025-47871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47871"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.5, 9.11.x \u003c= 9.11.15, 10.8.x \u003c= 10.8.0, 10.7.x \u003c= 10.7.2, 10.6.x \u003c= 10.6.5 fail to properly validate channel membership when retrieving playbook run metadata, allowing authenticated users who are playbook members but not channel members to access sensitive information about linked private channels including channel name, display name, and participant count through the run metadata API endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47871",
"url": "https://www.suse.com/security/cve/CVE-2025-47871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47871"
},
{
"cve": "CVE-2025-47943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47943"
}
],
"notes": [
{
"category": "general",
"text": "Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting (XSS) vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated component: pdfjs-1.4.20 under public/plugins/. This issue has been fixed for gogs.io/gogs in version 0.13.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47943",
"url": "https://www.suse.com/security/cve/CVE-2025-47943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47943"
},
{
"cve": "CVE-2025-4922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4922"
}
],
"notes": [
{
"category": "general",
"text": "Nomad Community and Nomad Enterprise (\"Nomad\") prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4922",
"url": "https://www.suse.com/security/cve/CVE-2025-4922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-4922"
},
{
"cve": "CVE-2025-4981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4981"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.5, 9.11.x \u003c= 9.11.15, 10.8.x \u003c= 10.8.0, 10.7.x \u003c= 10.7.2, 10.6.x \u003c= 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequences in filenames, potentially leading to remote code execution. The vulnerability impacts instances where file uploads and document search by content is enabled (FileSettings.EnableFileAttachments = true and FileSettings.ExtractContent = true). These configuration settings are enabled by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4981",
"url": "https://www.suse.com/security/cve/CVE-2025-4981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-4981"
},
{
"cve": "CVE-2025-49825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49825"
}
],
"notes": [
{
"category": "general",
"text": "Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49825",
"url": "https://www.suse.com/security/cve/CVE-2025-49825"
},
{
"category": "external",
"summary": "SUSE Bug 1244718 for CVE-2025-49825",
"url": "https://bugzilla.suse.com/1244718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-49825"
},
{
"cve": "CVE-2025-5030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5030"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5030",
"url": "https://www.suse.com/security/cve/CVE-2025-5030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-5030"
},
{
"cve": "CVE-2025-51471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-51471"
}
],
"notes": [
{
"category": "general",
"text": "Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-51471",
"url": "https://www.suse.com/security/cve/CVE-2025-51471"
},
{
"category": "external",
"summary": "SUSE Bug 1246915 for CVE-2025-51471",
"url": "https://bugzilla.suse.com/1246915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-51471"
},
{
"cve": "CVE-2025-52477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52477"
}
],
"notes": [
{
"category": "general",
"text": "Octo-STS is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. Octo-STS versions before v0.5.3 are vulnerable to unauthenticated SSRF by abusing fields in OpenID Connect tokens. Malicious tokens were shown to trigger internal network requests which could reflect error logs with sensitive information. Upgrade to v0.5.3 to resolve this issue. This version includes patch sets to sanitize input and redact logging.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52477",
"url": "https://www.suse.com/security/cve/CVE-2025-52477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52477"
},
{
"cve": "CVE-2025-52889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52889"
}
],
"notes": [
{
"category": "general",
"text": "Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to DHCP pool exhaustion and opens the door for other attacks. A patch is available at commit 2516fb19ad8428454cb4edfe70c0a5f0dc1da214.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52889",
"url": "https://www.suse.com/security/cve/CVE-2025-52889"
},
{
"category": "external",
"summary": "SUSE Bug 1245365 for CVE-2025-52889",
"url": "https://bugzilla.suse.com/1245365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-52889"
},
{
"cve": "CVE-2025-52890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52890"
}
],
"notes": [
{
"category": "general",
"text": "Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to ARP spoofing on the bridge and to fully spoof another VM/container on the same bridge. Commit 254dfd2483ab8de39b47c2258b7f1cf0759231c8 contains a patch for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52890",
"url": "https://www.suse.com/security/cve/CVE-2025-52890"
},
{
"category": "external",
"summary": "SUSE Bug 1245367 for CVE-2025-52890",
"url": "https://bugzilla.suse.com/1245367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52890"
},
{
"cve": "CVE-2025-52893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52893"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. This issue has been fixed in OpenBao v2.3.0 and later. Like with HCSEC-2025-09, there is no known workaround except to ensure properly formatted requests from all clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52893",
"url": "https://www.suse.com/security/cve/CVE-2025-52893"
},
{
"category": "external",
"summary": "SUSE Bug 1245381 for CVE-2025-52893",
"url": "https://bugzilla.suse.com/1245381"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-52893"
},
{
"cve": "CVE-2025-52894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52894"
}
],
"notes": [
{
"category": "general",
"text": "OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of service. In OpenBao v2.2.0 and later, manually setting the configuration option `disable_unauthed_rekey_endpoints=true` allows an operator to deny these rarely-used endpoints on global listeners. A patch is available at commit fe75468822a22a88318c6079425357a02ae5b77b. In a future OpenBao release communicated on OpenBao\u0027s website, the maintainers will set this to `true` for all users and provide an authenticated alternative. As a workaround, if an active proxy or load balancer sits in front of OpenBao, an operator can deny requests to these endpoints from unauthorized IP ranges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52894",
"url": "https://www.suse.com/security/cve/CVE-2025-52894"
},
{
"category": "external",
"summary": "SUSE Bug 1245389 for CVE-2025-52894",
"url": "https://bugzilla.suse.com/1245389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52894"
},
{
"cve": "CVE-2025-52900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52900"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the database used by File Browser. On standard servers using File Browser prior to version 2.33.7 where the umask configuration has not been hardened before, this makes all the stated files readable by any operating system account. Version 2.33.7 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52900",
"url": "https://www.suse.com/security/cve/CVE-2025-52900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-52900"
},
{
"cve": "CVE-2025-52901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52901"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to anyone having access to the URLs accessed by the user. This will give an attacker full access to a user\u0027s account and, in consequence, to all sensitive files the user has access to. This issue has been patched in version 2.33.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52901",
"url": "https://www.suse.com/security/cve/CVE-2025-52901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-52901"
},
{
"cve": "CVE-2025-52902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52902"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting (XSS). Any JavaScript code that is part of a Markdown file uploaded by a user will be executed by the browser. Version 2.33.7 contains a fix for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52902",
"url": "https://www.suse.com/security/cve/CVE-2025-52902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52902"
},
{
"cve": "CVE-2025-52903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52903"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0, the Command Execution feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. The concrete impact depends on the commands being granted to the attacker, but the large number of standard commands allowing the execution of subcommands makes it likely that every user having the `Execute commands` permissions can exploit this vulnerability. Everyone who can exploit it will have full code execution rights with the uid of the server process. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application\u0027s configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. The fix is tracked on pull request 5199.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52903",
"url": "https://www.suse.com/security/cve/CVE-2025-52903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52903"
},
{
"cve": "CVE-2025-52904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52904"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0 of the web application, all users have a scope assigned, and they only have access to the files within that scope. The Command Execution feature of Filebrowser allows the execution of shell commands which are not restricted to the scope, potentially giving an attacker read and write access to all files managed by the server. Until this issue is fixed, the maintainers recommend to completely disable `Execute commands` for all accounts. Since the command execution is an inherently dangerous feature that is not used by all deployments, it should be possible to completely disable it in the application\u0027s configuration. As a defense-in-depth measure, organizations not requiring command execution should operate the Filebrowser from a distroless container image. A patch version has been pushed to disable the feature for all existent installations, and making it opt-in. A warning has been added to the documentation and is printed on the console if the feature is enabled. Due to the project being in maintenance-only mode, the bug has not been fixed. Fix is tracked on pull request 5199.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52904",
"url": "https://www.suse.com/security/cve/CVE-2025-52904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52904"
},
{
"cve": "CVE-2025-52995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52995"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.10, the implementation of the allowlist is erroneous, allowing a user to execute more shell commands than they are authorized for. The concrete impact of this vulnerability depends on the commands configured, and the binaries installed on the server or in the container image. Due to the missing separation of scopes on the OS-level, this could give an attacker access to all files managed the application, including the File Browser database. This issue has been patched in version 2.33.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52995",
"url": "https://www.suse.com/security/cve/CVE-2025-52995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52995"
},
{
"cve": "CVE-2025-52996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52996"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions 2.32.0 and prior, the implementation of password protected links is error-prone, resulting in potential unprotected sharing of a file through a direct download link. This link can either be shared unknowingly by a user or discovered from various locations such as the browser history or the log of a proxy server used. At time of publication, no known patched versions are available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52996",
"url": "https://www.suse.com/security/cve/CVE-2025-52996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-52996"
},
{
"cve": "CVE-2025-52997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52997"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication process insecure. Attackers could mount a brute-force attack to retrieve the passwords of all accounts in a given instance. This issue has been patched in version 2.34.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52997",
"url": "https://www.suse.com/security/cve/CVE-2025-52997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-52997"
},
{
"cve": "CVE-2025-53512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53512"
}
],
"notes": [
{
"category": "general",
"text": "The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53512",
"url": "https://www.suse.com/security/cve/CVE-2025-53512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-53512"
},
{
"cve": "CVE-2025-53513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53513"
}
],
"notes": [
{
"category": "general",
"text": "The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53513",
"url": "https://www.suse.com/security/cve/CVE-2025-53513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53513"
},
{
"cve": "CVE-2025-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53547"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53547",
"url": "https://www.suse.com/security/cve/CVE-2025-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1246150 for CVE-2025-53547",
"url": "https://bugzilla.suse.com/1246150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-53632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53632"
}
],
"notes": [
{
"category": "general",
"text": "Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Patch has been implemented by commit 47d188f and shipped in v0.1.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53632",
"url": "https://www.suse.com/security/cve/CVE-2025-53632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53632"
},
{
"cve": "CVE-2025-53633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53633"
}
],
"notes": [
{
"category": "general",
"text": "Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Patch has been implemented by commit 14042aa and shipped in v0.1.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53633",
"url": "https://www.suse.com/security/cve/CVE-2025-53633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53633"
},
{
"cve": "CVE-2025-53634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53634"
}
],
"notes": [
{
"category": "general",
"text": "Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. The HTTP Gateway processes headers, but with no timeout set. With a slow loris attack, an attacker could cause Denial of Service (DoS). Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Patch has been implemented by commit 1385bd8 and shipped in v0.1.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53634",
"url": "https://www.suse.com/security/cve/CVE-2025-53634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53634"
},
{
"cve": "CVE-2025-53826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53826"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser\u0027s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of publication, no known patches exist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53826",
"url": "https://www.suse.com/security/cve/CVE-2025-53826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53826"
},
{
"cve": "CVE-2025-53893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53893"
}
],
"notes": [
{
"category": "general",
"text": "File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint `Filebrowser-Server-IP:PORT/files/{file-name}` . While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations without size checks or resource limits. This allows an authenticated user to upload a large file and trigger uncontrolled memory consumption on read, potentially crashing the server and making it unresponsive. As of time of publication, no known patches are available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53893",
"url": "https://www.suse.com/security/cve/CVE-2025-53893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53893"
},
{
"cve": "CVE-2025-53945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53945"
}
],
"notes": [
{
"category": "general",
"text": "apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53945",
"url": "https://www.suse.com/security/cve/CVE-2025-53945"
},
{
"category": "external",
"summary": "SUSE Bug 1246746 for CVE-2025-53945",
"url": "https://bugzilla.suse.com/1246746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53945"
},
{
"cve": "CVE-2025-54059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54059"
}
],
"notes": [
{
"category": "general",
"text": "melange allows users to build apk packages using declarative pipelines. Starting in version 0.23.0 and prior to version 0.29.5, SBOM files generated by melange in apks had file system permissions mode 666. This potentially allows an unprivileged user to tamper with apk SBOMs on a running image, potentially confusing security scanners. An attacker could also perform a DoS under special circumstances. Version 0.29.5 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54059",
"url": "https://www.suse.com/security/cve/CVE-2025-54059"
},
{
"category": "external",
"summary": "SUSE Bug 1246745 for CVE-2025-54059",
"url": "https://bugzilla.suse.com/1246745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-54059"
},
{
"cve": "CVE-2025-54379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54379"
}
],
"notes": [
{
"category": "general",
"text": "LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows unauthenticated remote attackers to execute arbitrary SQL statements on the underlying SQLite database by manipulating the table name input in an API request. Exploitation can lead to data theft, corruption, or deletion, and full database compromise. This is fixed in version 2.2.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54379",
"url": "https://www.suse.com/security/cve/CVE-2025-54379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2025-54379"
},
{
"cve": "CVE-2025-5689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5689"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5689",
"url": "https://www.suse.com/security/cve/CVE-2025-5689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-5689"
},
{
"cve": "CVE-2025-5981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-5981"
}
],
"notes": [
{
"category": "general",
"text": "Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR\u0027s unpack() function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-5981",
"url": "https://www.suse.com/security/cve/CVE-2025-5981"
},
{
"category": "external",
"summary": "SUSE Bug 1244726 for CVE-2025-5981",
"url": "https://bugzilla.suse.com/1244726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-5981"
},
{
"cve": "CVE-2025-6023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6023"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.\n\nThe open redirect can be chained with path traversal vulnerabilities to achieve XSS.\n\nFixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6023",
"url": "https://www.suse.com/security/cve/CVE-2025-6023"
},
{
"category": "external",
"summary": "SUSE Bug 1246735 for CVE-2025-6023",
"url": "https://bugzilla.suse.com/1246735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-6023"
},
{
"cve": "CVE-2025-6032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6032"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6032",
"url": "https://www.suse.com/security/cve/CVE-2025-6032"
},
{
"category": "external",
"summary": "SUSE Bug 1245320 for CVE-2025-6032",
"url": "https://bugzilla.suse.com/1245320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-6032"
},
{
"cve": "CVE-2025-6224",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6224"
}
],
"notes": [
{
"category": "general",
"text": "Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6224",
"url": "https://www.suse.com/security/cve/CVE-2025-6224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6224"
},
{
"cve": "CVE-2025-6226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6226"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.6, 10.8.x \u003c= 10.8.1, 10.7.x \u003c= 10.7.3, 9.11.x \u003c= 9.11.16 fail to verify authorization when retrieving cached posts by PendingPostID which allows an authenticated user to read posts in private channels they don\u0027t have access to via guessing the PendingPostID of recently created posts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6226",
"url": "https://www.suse.com/security/cve/CVE-2025-6226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6226"
},
{
"cve": "CVE-2025-6227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6227"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.5.x \u003c= 10.5.7, 9.11.x \u003c= 9.11.16 fail to negotiate a new token when accepting the invite which allows a user that intercepts both invite and password to send synchronization payloads to the server that originally created the invite via the REST API.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6227",
"url": "https://www.suse.com/security/cve/CVE-2025-6227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-6227"
},
{
"cve": "CVE-2025-6233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6233"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.8.x \u003c= 10.8.1, 10.7.x \u003c= 10.7.3, 10.5.x \u003c= 10.5.7, 9.11.x \u003c= 9.11.16 fail to sanitize input paths of file attachments in the bulk import JSONL file, which allows a system admin to read arbitrary system files via path traversal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6233",
"url": "https://www.suse.com/security/cve/CVE-2025-6233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6233"
},
{
"cve": "CVE-2025-6264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6264"
}
],
"notes": [
{
"category": "general",
"text": "Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch.\n\nThe Admin.Client.UpdateClientConfig is an artifact used to update the client\u0027s configuration. This artifact did not enforce an additional required permission, allowing users with COLLECT_CLIENT permissions (normally given by the \"Investigator\" role) to collect it from endpoints and update the configuration. \n\nThis can lead to arbitrary command execution and endpoint takeover.\n\nTo successfully exploit this vulnerability the user must already have access to collect artifacts from the endpoint (i.e. have the COLLECT_CLIENT given typically by the \"Investigator\u0027 role).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6264",
"url": "https://www.suse.com/security/cve/CVE-2025-6264"
},
{
"category": "external",
"summary": "SUSE Bug 1245123 for CVE-2025-6264",
"url": "https://bugzilla.suse.com/1245123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6264"
},
{
"cve": "CVE-2025-6624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6624"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or DEBUG/TRACE mode.\r\rThe issue affects the following Snyk commands:\r\r1. When snyk container test or snyk container monitor commands are run against a container registry, with debug mode enabled, the container registry credentials may be written into the local Snyk CLI debug log. This only happens with credentials specified in environment variables (SNYK_REGISTRY_USERNAME and SNYK_REGISTRY_PASSWORD), or in the CLI (--password/-p and --username/-u).\r\r2. When snyk auth command is executed with debug mode enabled AND the log level is set to TRACE, the Snyk access / refresh credential tokens used to connect the CLI to Snyk may be written into the local CLI debug logs.\r\r3. When snyk iac test is executed with a Remote IAC Custom rules bundle, debug mode enabled, AND the log level is set to TRACE, the docker registry token may be written into the local CLI debug logs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6624",
"url": "https://www.suse.com/security/cve/CVE-2025-6624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250730T213748-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-6624"
}
]
}
fkie_cve-2025-3415
Vulnerability from fkie_nvd
Published
2025-07-17 11:15
Modified
2025-07-17 21:15
Severity ?
Summary
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission.
Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01"
},
{
"lang": "es",
"value": "Grafana es una plataforma de c\u00f3digo abierto para la monitorizaci\u00f3n y la observabilidad. La integraci\u00f3n de Grafana Alerting DingDing no estaba debidamente protegida y pod\u00eda estar expuesta a usuarios con permiso de Visualizador. Corregido en las versiones 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 y 12.0.1+security-01."
}
],
"id": "CVE-2025-3415",
"lastModified": "2025-07-17T21:15:50.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security@grafana.com",
"type": "Secondary"
}
]
},
"published": "2025-07-17T11:15:22.240",
"references": [
{
"source": "security@grafana.com",
"url": "https://grafana.com/security/security-advisories/cve-2025-3415"
}
],
"sourceIdentifier": "security@grafana.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security@grafana.com",
"type": "Secondary"
}
]
}
CERTFR-2025-AVI-0515
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Grafana. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Grafana Labs | Grafana | Grafana versions 11.2.x antérieures à 11.2.10 | ||
| Grafana Labs | Grafana | Grafana versions antérieures à 10.4.19 | ||
| Grafana Labs | Grafana | Grafana versions 12.0.x antérieures à 12.0.1 | ||
| Grafana Labs | Grafana | Grafana versions 11.3.x antérieures à 11.3.7 | ||
| Grafana Labs | Grafana | Grafana versions 11.4.x antérieures à 11.4.5 | ||
| Grafana Labs | Grafana | Grafana versions 11.6.x antérieures à 11.6.2 | ||
| Grafana Labs | Grafana | Grafana versions 11.5.x antérieures à 11.5.5 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Grafana versions 11.2.x ant\u00e9rieures \u00e0 11.2.10 ",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions ant\u00e9rieures \u00e0 10.4.19",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 12.0.x ant\u00e9rieures \u00e0 12.0.1",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 11.3.x ant\u00e9rieures \u00e0 11.3.7",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 11.4.x ant\u00e9rieures \u00e0 11.4.5",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 11.6.x ant\u00e9rieures \u00e0 11.6.2",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 11.5.x ant\u00e9rieures \u00e0 11.5.5",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-3415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3415"
}
],
"initial_release_date": "2025-06-16T00:00:00",
"last_revision_date": "2025-06-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0515",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Grafana. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Vuln\u00e9rabilit\u00e9 dans Grafana",
"vendor_advisories": [
{
"published_at": "2025-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 Grafana cve-2025-3415",
"url": "https://grafana.com/blog/2025/06/13/grafana-security-update-medium-severity-security-release-for-cve-2025-3415/"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…