Vulnerability-Lookup

CVE-2025-21613 (GCVE-0-2025-21613)

Vulnerability from cvelistv5 – Published: 2025-01-06 16:13 – Updated: 2025-01-06 16:45

Title

go-git has an Argument Injection via the URL field

Summary

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.

Severity

9.2 (Critical)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Clear

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/go-git/go-git/security/advisor…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
go-git	go-git	Affected: >= 4.0.0, < 5.13.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-21613",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-06T16:38:34.120792Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-88",
                "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-06T16:45:02.671Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "go-git",
          "vendor": "go-git",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.0.0,  \u003c 5.13.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Clear",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-06T16:13:10.611Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
        }
      ],
      "source": {
        "advisory": "GHSA-v725-9546-7q7m",
        "discovery": "UNKNOWN"
      },
      "title": "go-git has an Argument Injection via the URL field"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-21613",
    "datePublished": "2025-01-06T16:13:10.611Z",
    "dateReserved": "2024-12-29T03:00:24.713Z",
    "dateUpdated": "2025-01-06T16:45:02.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-21613",
      "date": "2026-06-06",
      "epss": "0.03834",
      "percentile": "0.88386"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21613\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-01-06T17:15:47.043\",\"lastModified\":\"2025-04-17T02:33:57.140\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.\"},{\"lang\":\"es\",\"value\":\"Go-git es una librer\u00eda de implementaci\u00f3n de Git altamente extensible escrita en Go puro. Se descubri\u00f3 una vulnerabilidad de inyecci\u00f3n de argumentos en versiones de Go-git anteriores a la v5.13. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir a un atacante establecer valores arbitrarios para los indicadores git-upload-pack. Esto solo sucede cuando se utiliza el protocolo de transporte de archivos, ya que es el \u00fanico protocolo que realiza transferencias a binarios de Git. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 5.13.0.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear\",\"baseScore\":9.2,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"CLEAR\"}}],\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-88\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-88\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:go-git_project:go-git:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"5.13.0\",\"matchCriteriaId\":\"77FFEE6C-CE0C-435F-9466-13BC2B95D09E\"}]}]}],\"references\":[{\"url\":\"https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21613\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-06T16:38:34.120792Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-88\", \"description\": \"CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-06T16:44:56.937Z\"}}], \"cna\": {\"title\": \"go-git has an Argument Injection via the URL field\", \"source\": {\"advisory\": \"GHSA-v725-9546-7q7m\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Clear\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"go-git\", \"product\": \"go-git\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 4.0.0,  \u003c 5.13.0\"}]}], \"references\": [{\"url\": \"https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m\", \"name\": \"https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-88\", \"description\": \"CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-01-06T16:13:10.611Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-21613\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-06T16:45:02.671Z\", \"dateReserved\": \"2024-12-29T03:00:24.713Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-01-06T16:13:10.611Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

SUSE-SU-2025:0277-1

Vulnerability from csaf_suse - Published: 2025-01-28 23:46 - Updated: 2025-01-28 23:46

Summary

Security update for amazon-ssm-agent

Severity

Important

Notes

Title of the patch: Security update for amazon-ssm-agent

Description of the patch: This update for amazon-ssm-agent fixes the following issues: Update to version 3.3.1611.0: - CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 (bsc#1235575) Full changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0

Patchnames: SUSE-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-277,openSUSE-SLE-15.6-2025-277

CVE-2025-21613

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 10 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64	—	Vendor Fix

Threats

Impact important

References

8 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1235575	self
https://www.suse.com/security/cve/CVE-2025-21613/	self
https://www.suse.com/security/cve/CVE-2025-21613	external
https://bugzilla.suse.com/1235572	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for amazon-ssm-agent",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for amazon-ssm-agent fixes the following issues:\n\nUpdate to version 3.3.1611.0:\n\n- CVE-2025-21613: Fixed argument injection via the URL field in github.com/go-git/go-git/v5 (bsc#1235575)\n\nFull changelog: https://github.com/aws/amazon-ssm-agent/compare/3.1.1260.0...3.3.1611.0\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-277,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-277,openSUSE-SLE-15.6-2025-277",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0277-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0277-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250277-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0277-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020232.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235575",
        "url": "https://bugzilla.suse.com/1235575"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21613 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21613/"
      }
    ],
    "title": "Security update for amazon-ssm-agent",
    "tracking": {
      "current_release_date": "2025-01-28T23:46:31Z",
      "generator": {
        "date": "2025-01-28T23:46:31Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0277-1",
      "initial_release_date": "2025-01-28T23:46:31Z",
      "revision_history": [
        {
          "date": "2025-01-28T23:46:31Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
                "product": {
                  "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
                  "product_id": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
                "product": {
                  "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
                  "product_id": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
        },
        "product_reference": "amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-21613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
          "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
          "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
          "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21613",
          "url": "https://www.suse.com/security/cve/CVE-2025-21613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235572 for CVE-2025-21613",
          "url": "https://bugzilla.suse.com/1235572"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP3:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP4:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP5:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "SUSE Linux Enterprise Module for Public Cloud 15 SP6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64",
            "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.aarch64",
            "openSUSE Leap 15.6:amazon-ssm-agent-3.3.1611.0-150000.5.20.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-28T23:46:31Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21613"
    }
  ]
}

SUSE-SU-2025:0601-1

Vulnerability from csaf_suse - Published: 2025-02-20 09:14 - Updated: 2025-02-20 09:14

Summary

Security update for brise

Severity

Important

Notes

Title of the patch: Security update for brise

Description of the patch: This update for brise fixes the following issues: - CVE-2025-21613: Fixed argument injection via the URL field (bsc#1235573). - CVE-2024-45337: Fixed authorization bypass in golang.org/x/crypto via the ServerConfig.PublicKeyCallback callback (bsc#1234597).

Patchnames: SUSE-2025-601,SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-601,openSUSE-SLE-15.6-2025-601

CVE-2024-45337

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 52 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2025-21613

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 52 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch	—	Vendor Fix

Threats

Impact important

References

12 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1234597	self
https://bugzilla.suse.com/1235573	self
https://www.suse.com/security/cve/CVE-2024-45337/	self
https://www.suse.com/security/cve/CVE-2025-21613/	self
https://www.suse.com/security/cve/CVE-2024-45337	external
https://bugzilla.suse.com/1234482	external
https://www.suse.com/security/cve/CVE-2025-21613	external
https://bugzilla.suse.com/1235572	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for brise",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for brise fixes the following issues:\n\n- CVE-2025-21613: Fixed argument injection via the URL field (bsc#1235573).\n- CVE-2024-45337: Fixed authorization bypass in golang.org/x/crypto via the ServerConfig.PublicKeyCallback callback\n  (bsc#1234597).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-601,SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-601,openSUSE-SLE-15.6-2025-601",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0601-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0601-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250601-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0601-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020385.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234597",
        "url": "https://bugzilla.suse.com/1234597"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235573",
        "url": "https://bugzilla.suse.com/1235573"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45337 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45337/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21613 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21613/"
      }
    ],
    "title": "Security update for brise",
    "tracking": {
      "current_release_date": "2025-02-20T09:14:11Z",
      "generator": {
        "date": "2025-02-20T09:14:11Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0601-1",
      "initial_release_date": "2025-02-20T09:14:11Z",
      "revision_history": [
        {
          "date": "2025-02-20T09:14:11Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                "product": {
                  "name": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
                  "product_id": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        },
        "product_reference": "rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45337",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45337"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45337",
          "url": "https://www.suse.com/security/cve/CVE-2024-45337"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234482 for CVE-2024-45337",
          "url": "https://bugzilla.suse.com/1234482"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-20T09:14:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-45337"
    },
    {
      "cve": "CVE-2025-21613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
          "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21613",
          "url": "https://www.suse.com/security/cve/CVE-2025-21613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235572 for CVE-2025-21613",
          "url": "https://bugzilla.suse.com/1235572"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1.noarch",
            "openSUSE Leap 15.6:rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-20T09:14:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21613"
    }
  ]
}

SUSE-SU-2025:0622-1

Vulnerability from csaf_suse - Published: 2025-02-21 10:59 - Updated: 2025-02-21 10:59

Summary

Security update for grafana

Severity

Important

Notes

Title of the patch: Security update for grafana

Description of the patch: This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: - Security issues fixed: * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559) * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734) * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574) * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206) - Other bugs fixed and changes: * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key * Added provisioning directories * Use /bin/bash in wrapper scripts

Patchnames: SUSE-2025-622,SUSE-SLE-Manager-Tools-12-2025-622

CVE-2024-11741

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-28180

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45339

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-21613

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64	—	Vendor Fix

Threats

Impact important

References

20 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1235206	self
https://bugzilla.suse.com/1235574	self
https://bugzilla.suse.com/1236559	self
https://bugzilla.suse.com/1236734	self
https://www.suse.com/security/cve/CVE-2024-11741/	self
https://www.suse.com/security/cve/CVE-2024-28180/	self
https://www.suse.com/security/cve/CVE-2024-45339/	self
https://www.suse.com/security/cve/CVE-2025-21613/	self
https://www.suse.com/security/cve/CVE-2024-11741	external
https://bugzilla.suse.com/1236734	external
https://www.suse.com/security/cve/CVE-2024-28180	external
https://bugzilla.suse.com/1234984	external
https://www.suse.com/security/cve/CVE-2024-45339	external
https://bugzilla.suse.com/1236541	external
https://www.suse.com/security/cve/CVE-2025-21613	external
https://bugzilla.suse.com/1235572	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for grafana",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for grafana fixes the following issues:\n\ngrafana was updated from version 10.4.13 to 10.4.15:\n\n- Security issues fixed:\n    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)\n    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)\n    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)\n    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)\n- Other bugs fixed and changes:\n    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key\n    * Added provisioning directories\n    * Use /bin/bash in wrapper scripts\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-622,SUSE-SLE-Manager-Tools-12-2025-622",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0622-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0622-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250622-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0622-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020389.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235206",
        "url": "https://bugzilla.suse.com/1235206"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235574",
        "url": "https://bugzilla.suse.com/1235574"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236559",
        "url": "https://bugzilla.suse.com/1236559"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236734",
        "url": "https://bugzilla.suse.com/1236734"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11741 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-28180 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-28180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45339 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45339/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21613 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21613/"
      }
    ],
    "title": "Security update for grafana",
    "tracking": {
      "current_release_date": "2025-02-21T10:59:56Z",
      "generator": {
        "date": "2025-02-21T10:59:56Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0622-1",
      "initial_release_date": "2025-02-21T10:59:56Z",
      "revision_history": [
        {
          "date": "2025-02-21T10:59:56Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-1.71.1.aarch64",
                "product": {
                  "name": "grafana-10.4.15-1.71.1.aarch64",
                  "product_id": "grafana-10.4.15-1.71.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-1.71.1.i586",
                "product": {
                  "name": "grafana-10.4.15-1.71.1.i586",
                  "product_id": "grafana-10.4.15-1.71.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-1.71.1.ppc64le",
                "product": {
                  "name": "grafana-10.4.15-1.71.1.ppc64le",
                  "product_id": "grafana-10.4.15-1.71.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-1.71.1.s390x",
                "product": {
                  "name": "grafana-10.4.15-1.71.1.s390x",
                  "product_id": "grafana-10.4.15-1.71.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-1.71.1.x86_64",
                "product": {
                  "name": "grafana-10.4.15-1.71.1.x86_64",
                  "product_id": "grafana-10.4.15-1.71.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Manager Client Tools 12",
                "product": {
                  "name": "SUSE Manager Client Tools 12",
                  "product_id": "SUSE Manager Client Tools 12"
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-1.71.1.aarch64 as component of SUSE Manager Client Tools 12",
          "product_id": "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64"
        },
        "product_reference": "grafana-10.4.15-1.71.1.aarch64",
        "relates_to_product_reference": "SUSE Manager Client Tools 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-1.71.1.ppc64le as component of SUSE Manager Client Tools 12",
          "product_id": "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le"
        },
        "product_reference": "grafana-10.4.15-1.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Client Tools 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-1.71.1.s390x as component of SUSE Manager Client Tools 12",
          "product_id": "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x"
        },
        "product_reference": "grafana-10.4.15-1.71.1.s390x",
        "relates_to_product_reference": "SUSE Manager Client Tools 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-1.71.1.x86_64 as component of SUSE Manager Client Tools 12",
          "product_id": "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
        },
        "product_reference": "grafana-10.4.15-1.71.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Client Tools 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3,   11.2.6, 11.1.11, 11.0.11 and 10.4.15",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11741",
          "url": "https://www.suse.com/security/cve/CVE-2024-11741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236734 for CVE-2024-11741",
          "url": "https://bugzilla.suse.com/1236734"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T10:59:56Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11741"
    },
    {
      "cve": "CVE-2024-28180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-28180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-28180",
          "url": "https://www.suse.com/security/cve/CVE-2024-28180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234984 for CVE-2024-28180",
          "url": "https://bugzilla.suse.com/1234984"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T10:59:56Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-28180"
    },
    {
      "cve": "CVE-2024-45339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process\u0027s log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45339",
          "url": "https://www.suse.com/security/cve/CVE-2024-45339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236541 for CVE-2024-45339",
          "url": "https://bugzilla.suse.com/1236541"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T10:59:56Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-45339"
    },
    {
      "cve": "CVE-2025-21613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
          "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21613",
          "url": "https://www.suse.com/security/cve/CVE-2025-21613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235572 for CVE-2025-21613",
          "url": "https://bugzilla.suse.com/1235572"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.aarch64",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.ppc64le",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.s390x",
            "SUSE Manager Client Tools 12:grafana-10.4.15-1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T10:59:56Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21613"
    }
  ]
}

SUSE-SU-2025:0623-1

Vulnerability from csaf_suse - Published: 2025-02-21 11:00 - Updated: 2025-02-21 11:00

Summary

Security update for grafana

Severity

Important

Notes

Title of the patch: Security update for grafana

Patchnames: SUSE-2025-623,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-623,openSUSE-SLE-15.6-2025-623

CVE-2024-11741

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-28180

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45339

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-21613

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64	—	Vendor Fix

Threats

Impact important

References

20 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1235206	self
https://bugzilla.suse.com/1235574	self
https://bugzilla.suse.com/1236559	self
https://bugzilla.suse.com/1236734	self
https://www.suse.com/security/cve/CVE-2024-11741/	self
https://www.suse.com/security/cve/CVE-2024-28180/	self
https://www.suse.com/security/cve/CVE-2024-45339/	self
https://www.suse.com/security/cve/CVE-2025-21613/	self
https://www.suse.com/security/cve/CVE-2024-11741	external
https://bugzilla.suse.com/1236734	external
https://www.suse.com/security/cve/CVE-2024-28180	external
https://bugzilla.suse.com/1234984	external
https://www.suse.com/security/cve/CVE-2024-45339	external
https://bugzilla.suse.com/1236541	external
https://www.suse.com/security/cve/CVE-2025-21613	external
https://bugzilla.suse.com/1235572	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for grafana",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for grafana fixes the following issues:\n\ngrafana was updated from version 10.4.13 to 10.4.15:\n\n- Security issues fixed:\n    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)\n    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)\n    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)\n    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)\n- Other bugs fixed and changes:\n    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key\n    * Added provisioning directories\n    * Use /bin/bash in wrapper scripts\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-623,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-623,openSUSE-SLE-15.6-2025-623",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0623-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0623-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250623-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0623-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020388.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235206",
        "url": "https://bugzilla.suse.com/1235206"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235574",
        "url": "https://bugzilla.suse.com/1235574"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236559",
        "url": "https://bugzilla.suse.com/1236559"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236734",
        "url": "https://bugzilla.suse.com/1236734"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11741 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-28180 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-28180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45339 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45339/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21613 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21613/"
      }
    ],
    "title": "Security update for grafana",
    "tracking": {
      "current_release_date": "2025-02-21T11:00:07Z",
      "generator": {
        "date": "2025-02-21T11:00:07Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0623-1",
      "initial_release_date": "2025-02-21T11:00:07Z",
      "revision_history": [
        {
          "date": "2025-02-21T11:00:07Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150200.3.64.1.aarch64",
                "product": {
                  "name": "grafana-10.4.15-150200.3.64.1.aarch64",
                  "product_id": "grafana-10.4.15-150200.3.64.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150200.3.64.1.i586",
                "product": {
                  "name": "grafana-10.4.15-150200.3.64.1.i586",
                  "product_id": "grafana-10.4.15-150200.3.64.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150200.3.64.1.ppc64le",
                "product": {
                  "name": "grafana-10.4.15-150200.3.64.1.ppc64le",
                  "product_id": "grafana-10.4.15-150200.3.64.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150200.3.64.1.s390x",
                "product": {
                  "name": "grafana-10.4.15-150200.3.64.1.s390x",
                  "product_id": "grafana-10.4.15-150200.3.64.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150200.3.64.1.x86_64",
                "product": {
                  "name": "grafana-10.4.15-150200.3.64.1.x86_64",
                  "product_id": "grafana-10.4.15-150200.3.64.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150200.3.64.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
        },
        "product_reference": "grafana-10.4.15-150200.3.64.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3,   11.2.6, 11.1.11, 11.0.11 and 10.4.15",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11741",
          "url": "https://www.suse.com/security/cve/CVE-2024-11741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236734 for CVE-2024-11741",
          "url": "https://bugzilla.suse.com/1236734"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11741"
    },
    {
      "cve": "CVE-2024-28180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-28180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-28180",
          "url": "https://www.suse.com/security/cve/CVE-2024-28180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234984 for CVE-2024-28180",
          "url": "https://bugzilla.suse.com/1234984"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-28180"
    },
    {
      "cve": "CVE-2024-45339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process\u0027s log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45339",
          "url": "https://www.suse.com/security/cve/CVE-2024-45339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236541 for CVE-2024-45339",
          "url": "https://bugzilla.suse.com/1236541"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-45339"
    },
    {
      "cve": "CVE-2025-21613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
          "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21613",
          "url": "https://www.suse.com/security/cve/CVE-2025-21613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235572 for CVE-2025-21613",
          "url": "https://bugzilla.suse.com/1235572"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-10.4.15-150200.3.64.1.x86_64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.aarch64",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.ppc64le",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.s390x",
            "openSUSE Leap 15.6:grafana-10.4.15-150200.3.64.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21613"
    }
  ]
}

SUSE-SU-2025:0624-1

Vulnerability from csaf_suse - Published: 2025-02-21 11:00 - Updated: 2025-02-21 11:00

Summary

Security update for grafana

Severity

Important

Notes

Title of the patch: Security update for grafana

Patchnames: SUSE-2025-624,SUSE-SLE-Manager-Tools-15-2025-624

CVE-2024-11741

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-28180

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45339

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-21613

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64	—	Vendor Fix

Threats

Impact important

References

20 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1235206	self
https://bugzilla.suse.com/1235574	self
https://bugzilla.suse.com/1236559	self
https://bugzilla.suse.com/1236734	self
https://www.suse.com/security/cve/CVE-2024-11741/	self
https://www.suse.com/security/cve/CVE-2024-28180/	self
https://www.suse.com/security/cve/CVE-2024-45339/	self
https://www.suse.com/security/cve/CVE-2025-21613/	self
https://www.suse.com/security/cve/CVE-2024-11741	external
https://bugzilla.suse.com/1236734	external
https://www.suse.com/security/cve/CVE-2024-28180	external
https://bugzilla.suse.com/1234984	external
https://www.suse.com/security/cve/CVE-2024-45339	external
https://bugzilla.suse.com/1236541	external
https://www.suse.com/security/cve/CVE-2025-21613	external
https://bugzilla.suse.com/1235572	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for grafana",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for grafana fixes the following issues:\n\ngrafana was updated from version 10.4.13 to 10.4.15:\n\n- Security issues fixed:\n    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)\n    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)\n    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)\n    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)\n- Other bugs fixed and changes:\n    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key\n    * Added provisioning directories\n    * Use /bin/bash in wrapper scripts\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-624,SUSE-SLE-Manager-Tools-15-2025-624",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0624-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0624-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250624-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0624-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020387.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235206",
        "url": "https://bugzilla.suse.com/1235206"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235574",
        "url": "https://bugzilla.suse.com/1235574"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236559",
        "url": "https://bugzilla.suse.com/1236559"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236734",
        "url": "https://bugzilla.suse.com/1236734"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11741 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-28180 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-28180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45339 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45339/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21613 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21613/"
      }
    ],
    "title": "Security update for grafana",
    "tracking": {
      "current_release_date": "2025-02-21T11:00:27Z",
      "generator": {
        "date": "2025-02-21T11:00:27Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0624-1",
      "initial_release_date": "2025-02-21T11:00:27Z",
      "revision_history": [
        {
          "date": "2025-02-21T11:00:27Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150000.1.71.1.aarch64",
                "product": {
                  "name": "grafana-10.4.15-150000.1.71.1.aarch64",
                  "product_id": "grafana-10.4.15-150000.1.71.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150000.1.71.1.i586",
                "product": {
                  "name": "grafana-10.4.15-150000.1.71.1.i586",
                  "product_id": "grafana-10.4.15-150000.1.71.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150000.1.71.1.ppc64le",
                "product": {
                  "name": "grafana-10.4.15-150000.1.71.1.ppc64le",
                  "product_id": "grafana-10.4.15-150000.1.71.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150000.1.71.1.s390x",
                "product": {
                  "name": "grafana-10.4.15-150000.1.71.1.s390x",
                  "product_id": "grafana-10.4.15-150000.1.71.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "grafana-10.4.15-150000.1.71.1.x86_64",
                "product": {
                  "name": "grafana-10.4.15-150000.1.71.1.x86_64",
                  "product_id": "grafana-10.4.15-150000.1.71.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Manager Client Tools 15",
                "product": {
                  "name": "SUSE Manager Client Tools 15",
                  "product_id": "SUSE Manager Client Tools 15"
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150000.1.71.1.aarch64 as component of SUSE Manager Client Tools 15",
          "product_id": "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64"
        },
        "product_reference": "grafana-10.4.15-150000.1.71.1.aarch64",
        "relates_to_product_reference": "SUSE Manager Client Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150000.1.71.1.ppc64le as component of SUSE Manager Client Tools 15",
          "product_id": "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le"
        },
        "product_reference": "grafana-10.4.15-150000.1.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Client Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150000.1.71.1.s390x as component of SUSE Manager Client Tools 15",
          "product_id": "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x"
        },
        "product_reference": "grafana-10.4.15-150000.1.71.1.s390x",
        "relates_to_product_reference": "SUSE Manager Client Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "grafana-10.4.15-150000.1.71.1.x86_64 as component of SUSE Manager Client Tools 15",
          "product_id": "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
        },
        "product_reference": "grafana-10.4.15-150000.1.71.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Client Tools 15"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3,   11.2.6, 11.1.11, 11.0.11 and 10.4.15",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11741",
          "url": "https://www.suse.com/security/cve/CVE-2024-11741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236734 for CVE-2024-11741",
          "url": "https://bugzilla.suse.com/1236734"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11741"
    },
    {
      "cve": "CVE-2024-28180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-28180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-28180",
          "url": "https://www.suse.com/security/cve/CVE-2024-28180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234984 for CVE-2024-28180",
          "url": "https://bugzilla.suse.com/1234984"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:27Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-28180"
    },
    {
      "cve": "CVE-2024-45339",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45339"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process\u0027s log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that sensitive file. To fix that, glog now causes the program to exit (with status code 2) when it finds that the configured log file already exists.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45339",
          "url": "https://www.suse.com/security/cve/CVE-2024-45339"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236541 for CVE-2024-45339",
          "url": "https://bugzilla.suse.com/1236541"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-45339"
    },
    {
      "cve": "CVE-2025-21613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
          "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21613",
          "url": "https://www.suse.com/security/cve/CVE-2025-21613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235572 for CVE-2025-21613",
          "url": "https://bugzilla.suse.com/1235572"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.aarch64",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.ppc64le",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.s390x",
            "SUSE Manager Client Tools 15:grafana-10.4.15-150000.1.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-02-21T11:00:27Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21613"
    }
  ]
}

WID-SEC-W-2025-0123

Vulnerability from csaf_certbund - Published: 2025-01-19 23:00 - Updated: 2025-12-30 23:00

Summary

Red Hat Enterprise Linux und and OpenShift (go-git): Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Grafana Komponente ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu erzeugen.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2025-21613

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8`	8
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Red Hat OpenShift Container Platform <4.17.16 Red Hat / OpenShift		Container Platform <4.17.16
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM MQ Operator IBM / MQ	`cpe:/a:ibm:mq:operator`	Operator
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM MQ Container IBM / MQ	`cpe:/a:ibm:mq:container`	Container
Red Hat OpenShift GitOps <1.14.3 Red Hat / OpenShift		GitOps <1.14.3

CVE-2025-21614

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 8 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:8`	8
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Red Hat OpenShift Container Platform <4.17.16 Red Hat / OpenShift		Container Platform <4.17.16
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
IBM MQ Operator IBM / MQ	`cpe:/a:ibm:mq:operator`	Operator
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
IBM MQ Container IBM / MQ	`cpe:/a:ibm:mq:container`	Container
Red Hat OpenShift GitOps <1.14.3 Red Hat / OpenShift		GitOps <1.14.3

References

24 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2025:0401	external
https://linux.oracle.com/errata/ELSA-2025-0401.html	external
https://access.redhat.com/errata/RHSA-2025:0662	external
https://lists.opensuse.org/archives/list/security…	external
https://www.ibm.com/support/pages/node/7182196	external
https://access.redhat.com/errata/RHSA-2025:0907	external
https://alas.aws.amazon.com/AL2/ALAS-2025-2739.html	external
https://access.redhat.com/errata/RHSA-2025:1119	external
https://access.redhat.com/errata/RHSA-2025:1334	external
https://access.redhat.com/errata/RHSA-2025:1468	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external
https://access.redhat.com/errata/RHSA-2024:6122	external
https://access.redhat.com/errata/RHSA-2025:1704	external
https://access.redhat.com/errata/RHSA-2025:1870	external
https://access.redhat.com/errata/RHSA-2025:1869	external
https://access.redhat.com/errata/RHSA-2025:1888	external
https://access.redhat.com/errata/RHSA-2025:3069	external
https://access.redhat.com/errata/RHSA-2025:11396	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.opensuse.org/archives/list/security…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Grafana Komponente ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu erzeugen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0123 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0123.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0123 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0123"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2025-01-19",
        "url": "https://access.redhat.com/errata/RHSA-2025:0401"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-0401 vom 2025-01-20",
        "url": "https://linux.oracle.com/errata/ELSA-2025-0401.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0662 vom 2025-01-23",
        "url": "https://access.redhat.com/errata/RHSA-2025:0662"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0277-1 vom 2025-01-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3ZEHSCTIURMMKWQUQAA74MSPSJ7BBIKF/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7182196 vom 2025-01-31",
        "url": "https://www.ibm.com/support/pages/node/7182196"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0907 vom 2025-02-03",
        "url": "https://access.redhat.com/errata/RHSA-2025:0907"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2739 vom 2025-02-04",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2739.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1119 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1119"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1334 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1334"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1468 vom 2025-02-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:1468"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0623-1 vom 2025-02-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PO3D5WFGTDK7AXHFZR6BNA4MXA4KNXXX/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0601-1 vom 2025-02-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SIJ4IQWT54OKAPQJZ73TJULOUB4K7WWI/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6122 vom 2025-02-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:6122"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1704 vom 2025-02-27",
        "url": "https://access.redhat.com/errata/RHSA-2025:1704"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1870 vom 2025-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2025:1870"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1869 vom 2025-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2025:1869"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1888 vom 2025-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2025:1888"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3069 vom 2025-03-20",
        "url": "https://access.redhat.com/errata/RHSA-2025:3069"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:11396 vom 2025-07-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:11396"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:20177-1 vom 2025-12-23",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDMAOCE6FMUQXLIFZPI7NDGE25ALNJNL/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0482-1 vom 2025-12-24",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HMPRAQU5GUS5B5UC67PSDP37L4LKC7JE/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0492-1 vom 2025-12-31",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ELAD4UXESKHIWS4FSKWS4HUM7LFMUU7F/"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux und and OpenShift (go-git): Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-12-30T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-31T07:55:05.613+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-0123",
      "initial_release_date": "2025-01-19T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-01-20T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-01-22T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-28T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-30T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-02-03T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-04T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-02-10T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-11T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-13T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-20T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-02-24T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-26T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-03-19T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-07-20T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-12-23T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-12-28T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-12-30T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von openSUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "18"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Operator",
                "product": {
                  "name": "IBM MQ Operator",
                  "product_id": "T036688",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:operator"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Container",
                "product": {
                  "name": "IBM MQ Container",
                  "product_id": "T040640",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:container"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "MQ"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Advanced Cluster Security for Kubernetes 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
                  "product_id": "T027916",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8",
                "product": {
                  "name": "Red Hat Enterprise Linux 8",
                  "product_id": "T040390",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.17.16",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.17.16",
                  "product_id": "T041007"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.17.16",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.17.16",
                  "product_id": "T041007-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.17.16"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "GitOps \u003c1.14.3",
                "product": {
                  "name": "Red Hat OpenShift GitOps \u003c1.14.3",
                  "product_id": "T042066"
                }
              },
              {
                "category": "product_version",
                "name": "GitOps 1.14.3",
                "product": {
                  "name": "Red Hat OpenShift GitOps 1.14.3",
                  "product_id": "T042066-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:gitops__1.14.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-21613",
      "product_status": {
        "known_affected": [
          "T027916",
          "T002207",
          "67646",
          "T040390",
          "T027843",
          "T041007",
          "398363",
          "T036688",
          "T004914",
          "T040640",
          "T042066"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21613"
    },
    {
      "cve": "CVE-2025-21614",
      "product_status": {
        "known_affected": [
          "T027916",
          "T002207",
          "67646",
          "T040390",
          "T027843",
          "T041007",
          "398363",
          "T036688",
          "T004914",
          "T040640",
          "T042066"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21614"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-21613 (GCVE-0-2025-21613)

SUSE-SU-2025:0277-1

SUSE-SU-2025:0601-1

SUSE-SU-2025:0622-1

SUSE-SU-2025:0623-1

SUSE-SU-2025:0624-1

WID-SEC-W-2025-0123

Tags

Sightings

Nomenclature