Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-58190 (GCVE-0-2025-58190)
Vulnerability from cvelistv5 – Published: 2026-02-05 17:48 – Updated: 2026-02-12 15:22
VLAI?
EPSS
Title
Infinite parsing loop in golang.org/x/net
Summary
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
Severity ?
5.3 (Medium)
CWE
- CWE-835 - Loop with Unreachable Exit Condition
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.45.0
(semver)
|
Credits
Guido Vranken
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-58190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-12T15:22:10.801204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T15:22:37.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "inRowIM"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.45.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Guido Vranken"
}
],
"descriptions": [
{
"lang": "en",
"value": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-835: Loop with Unreachable Exit Condition",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:48:44.693Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"url": "https://github.com/golang/vulndb/issues/4441"
},
{
"url": "https://go.dev/cl/709875"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4441"
}
],
"title": "Infinite parsing loop in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-58190",
"datePublished": "2026-02-05T17:48:44.693Z",
"dateReserved": "2025-08-27T14:50:58.692Z",
"dateUpdated": "2026-02-12T15:22:37.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-58190\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-02-05T18:16:10.027\",\"lastModified\":\"2026-02-12T16:16:03.737\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"references\":[{\"url\":\"https://github.com/golang/vulndb/issues/4441\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/cl/709875\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4441\",\"source\":\"security@golang.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-58190\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-12T15:22:10.801204Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-12T15:22:27.673Z\"}}], \"cna\": {\"title\": \"Infinite parsing loop in golang.org/x/net\", \"credits\": [{\"lang\": \"en\", \"value\": \"Guido Vranken\"}], \"affected\": [{\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/html\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.45.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/net/html\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"inRowIM\"}, {\"name\": \"Parse\"}, {\"name\": \"ParseFragment\"}, {\"name\": \"ParseFragmentWithOptions\"}, {\"name\": \"ParseWithOptions\"}]}], \"references\": [{\"url\": \"https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c\"}, {\"url\": \"https://github.com/golang/vulndb/issues/4441\"}, {\"url\": \"https://go.dev/cl/709875\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4441\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-835: Loop with Unreachable Exit Condition\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-02-05T17:48:44.693Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-58190\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-12T15:22:37.685Z\", \"dateReserved\": \"2025-08-27T14:50:58.692Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-02-05T17:48:44.693Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-RU-2026:20010-1
Vulnerability from csaf_opensuse - Published: 2026-01-08 14:37 - Updated: 2026-01-08 14:37Summary
Recommended update for trivy
Notes
Title of the patch
Recommended update for trivy
Description of the patch
This update for trivy fixes the following issues:
- Update to version 0.68.2:
* release: v0.68.2 [release/v0.68] (#9950)
* fix(deps): bump alpine from `3.22.1` to `3.23.0` [backport: release/v0.68] (#9949)
* ci: enable `check-latest` for `setup-go` [backport: release/v0.68] (#9946)
Patchnames
openSUSE-Leap-16.0-packagehub-63
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for trivy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for trivy fixes the following issues:\n\n- Update to version 0.68.2:\n * release: v0.68.2 [release/v0.68] (#9950)\n * fix(deps): bump alpine from `3.22.1` to `3.23.0` [backport: release/v0.68] (#9949)\n * ci: enable `check-latest` for `setup-go` [backport: release/v0.68] (#9946)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-63",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-ru-2026_20010-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1251363",
"url": "https://bugzilla.suse.com/1251363"
},
{
"category": "self",
"summary": "SUSE Bug 1251547",
"url": "https://bugzilla.suse.com/1251547"
},
{
"category": "self",
"summary": "SUSE Bug 1253512",
"url": "https://bugzilla.suse.com/1253512"
},
{
"category": "self",
"summary": "SUSE Bug 1253786",
"url": "https://bugzilla.suse.com/1253786"
},
{
"category": "self",
"summary": "SUSE Bug 1253977",
"url": "https://bugzilla.suse.com/1253977"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Recommended update for trivy",
"tracking": {
"current_release_date": "2026-01-08T14:37:24Z",
"generator": {
"date": "2026-01-08T14:37:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-RU-2026:20010-1",
"initial_release_date": "2026-01-08T14:37:24Z",
"revision_history": [
{
"date": "2026-01-08T14:37:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-bp160.1.1.aarch64",
"product": {
"name": "trivy-0.68.2-bp160.1.1.aarch64",
"product_id": "trivy-0.68.2-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-bp160.1.1.ppc64le",
"product": {
"name": "trivy-0.68.2-bp160.1.1.ppc64le",
"product_id": "trivy-0.68.2-bp160.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-bp160.1.1.s390x",
"product": {
"name": "trivy-0.68.2-bp160.1.1.s390x",
"product_id": "trivy-0.68.2-bp160.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-bp160.1.1.x86_64",
"product": {
"name": "trivy-0.68.2-bp160.1.1.x86_64",
"product_id": "trivy-0.68.2-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64"
},
"product_reference": "trivy-0.68.2-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le"
},
"product_reference": "trivy-0.68.2-bp160.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-bp160.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x"
},
"product_reference": "trivy-0.68.2-bp160.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
},
"product_reference": "trivy-0.68.2-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-08T14:37:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-08T14:37:24Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-08T14:37:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-08T14:37:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.aarch64",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.s390x",
"openSUSE Leap 16.0:trivy-0.68.2-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-08T14:37:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15618-1
Vulnerability from csaf_opensuse - Published: 2025-10-09 00:00 - Updated: 2025-10-09 00:00Summary
forgejo-longterm-11.0.6-2.1 on GA media
Notes
Title of the patch
forgejo-longterm-11.0.6-2.1 on GA media
Description of the patch
These are all security issues fixed in the forgejo-longterm-11.0.6-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15618
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "forgejo-longterm-11.0.6-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the forgejo-longterm-11.0.6-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15618",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15618-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "forgejo-longterm-11.0.6-2.1 on GA media",
"tracking": {
"current_release_date": "2025-10-09T00:00:00Z",
"generator": {
"date": "2025-10-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15618-1",
"initial_release_date": "2025-10-09T00:00:00Z",
"revision_history": [
{
"date": "2025-10-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "forgejo-longterm-11.0.6-2.1.aarch64",
"product": {
"name": "forgejo-longterm-11.0.6-2.1.aarch64",
"product_id": "forgejo-longterm-11.0.6-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"product": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"product_id": "forgejo-longterm-apparmor-11.0.6-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"product": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"product_id": "forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"product": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"product_id": "forgejo-longterm-firewalld-11.0.6-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"product": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"product_id": "forgejo-longterm-selinux-11.0.6-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-longterm-11.0.6-2.1.ppc64le",
"product": {
"name": "forgejo-longterm-11.0.6-2.1.ppc64le",
"product_id": "forgejo-longterm-11.0.6-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"product": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"product_id": "forgejo-longterm-apparmor-11.0.6-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"product": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"product_id": "forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"product": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"product_id": "forgejo-longterm-firewalld-11.0.6-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"product": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"product_id": "forgejo-longterm-selinux-11.0.6-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-longterm-11.0.6-2.1.s390x",
"product": {
"name": "forgejo-longterm-11.0.6-2.1.s390x",
"product_id": "forgejo-longterm-11.0.6-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"product": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"product_id": "forgejo-longterm-apparmor-11.0.6-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"product": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"product_id": "forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"product": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"product_id": "forgejo-longterm-firewalld-11.0.6-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-selinux-11.0.6-2.1.s390x",
"product": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.s390x",
"product_id": "forgejo-longterm-selinux-11.0.6-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-longterm-11.0.6-2.1.x86_64",
"product": {
"name": "forgejo-longterm-11.0.6-2.1.x86_64",
"product_id": "forgejo-longterm-11.0.6-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"product": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"product_id": "forgejo-longterm-apparmor-11.0.6-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"product": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"product_id": "forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"product": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"product_id": "forgejo-longterm-firewalld-11.0.6-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-longterm-selinux-11.0.6-2.1.x86_64",
"product": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.x86_64",
"product_id": "forgejo-longterm-selinux-11.0.6-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-11.0.6-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64"
},
"product_reference": "forgejo-longterm-11.0.6-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-11.0.6-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le"
},
"product_reference": "forgejo-longterm-11.0.6-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-11.0.6-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x"
},
"product_reference": "forgejo-longterm-11.0.6-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-11.0.6-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64"
},
"product_reference": "forgejo-longterm-11.0.6-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64"
},
"product_reference": "forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le"
},
"product_reference": "forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x"
},
"product_reference": "forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-apparmor-11.0.6-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64"
},
"product_reference": "forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64"
},
"product_reference": "forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le"
},
"product_reference": "forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x"
},
"product_reference": "forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64"
},
"product_reference": "forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64"
},
"product_reference": "forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le"
},
"product_reference": "forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x"
},
"product_reference": "forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-firewalld-11.0.6-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64"
},
"product_reference": "forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64"
},
"product_reference": "forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le"
},
"product_reference": "forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x"
},
"product_reference": "forgejo-longterm-selinux-11.0.6-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-longterm-selinux-11.0.6-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
},
"product_reference": "forgejo-longterm-selinux-11.0.6-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-apparmor-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-environment-to-ini-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-firewalld-11.0.6-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.s390x",
"openSUSE Tumbleweed:forgejo-longterm-selinux-11.0.6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15616-1
Vulnerability from csaf_opensuse - Published: 2025-10-09 00:00 - Updated: 2025-10-09 00:00Summary
distrobuilder-3.2-4.1 on GA media
Notes
Title of the patch
distrobuilder-3.2-4.1 on GA media
Description of the patch
These are all security issues fixed in the distrobuilder-3.2-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15616
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "distrobuilder-3.2-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the distrobuilder-3.2-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15616",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15616-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "distrobuilder-3.2-4.1 on GA media",
"tracking": {
"current_release_date": "2025-10-09T00:00:00Z",
"generator": {
"date": "2025-10-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15616-1",
"initial_release_date": "2025-10-09T00:00:00Z",
"revision_history": [
{
"date": "2025-10-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-4.1.aarch64",
"product": {
"name": "distrobuilder-3.2-4.1.aarch64",
"product_id": "distrobuilder-3.2-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-4.1.ppc64le",
"product": {
"name": "distrobuilder-3.2-4.1.ppc64le",
"product_id": "distrobuilder-3.2-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-4.1.s390x",
"product": {
"name": "distrobuilder-3.2-4.1.s390x",
"product_id": "distrobuilder-3.2-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "distrobuilder-3.2-4.1.x86_64",
"product": {
"name": "distrobuilder-3.2-4.1.x86_64",
"product_id": "distrobuilder-3.2-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64"
},
"product_reference": "distrobuilder-3.2-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le"
},
"product_reference": "distrobuilder-3.2-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x"
},
"product_reference": "distrobuilder-3.2-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distrobuilder-3.2-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
},
"product_reference": "distrobuilder-3.2-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.aarch64",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.ppc64le",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.s390x",
"openSUSE Tumbleweed:distrobuilder-3.2-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15729-1
Vulnerability from csaf_opensuse - Published: 2025-11-12 00:00 - Updated: 2025-11-12 00:00Summary
go-sendxmpp-0.15.1-1.1 on GA media
Notes
Title of the patch
go-sendxmpp-0.15.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the go-sendxmpp-0.15.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15729
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go-sendxmpp-0.15.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go-sendxmpp-0.15.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15729",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15729-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "go-sendxmpp-0.15.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-12T00:00:00Z",
"generator": {
"date": "2025-11-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15729-1",
"initial_release_date": "2025-11-12T00:00:00Z",
"revision_history": [
{
"date": "2025-11-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-1.1.aarch64",
"product": {
"name": "go-sendxmpp-0.15.1-1.1.aarch64",
"product_id": "go-sendxmpp-0.15.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-1.1.ppc64le",
"product": {
"name": "go-sendxmpp-0.15.1-1.1.ppc64le",
"product_id": "go-sendxmpp-0.15.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-1.1.s390x",
"product": {
"name": "go-sendxmpp-0.15.1-1.1.s390x",
"product_id": "go-sendxmpp-0.15.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-1.1.x86_64",
"product": {
"name": "go-sendxmpp-0.15.1-1.1.x86_64",
"product_id": "go-sendxmpp-0.15.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64"
},
"product_reference": "go-sendxmpp-0.15.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le"
},
"product_reference": "go-sendxmpp-0.15.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x"
},
"product_reference": "go-sendxmpp-0.15.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
},
"product_reference": "go-sendxmpp-0.15.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.aarch64",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.s390x",
"openSUSE Tumbleweed:go-sendxmpp-0.15.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15607-1
Vulnerability from csaf_opensuse - Published: 2025-10-08 00:00 - Updated: 2025-10-08 00:00Summary
glow-2.1.1-2.1 on GA media
Notes
Title of the patch
glow-2.1.1-2.1 on GA media
Description of the patch
These are all security issues fixed in the glow-2.1.1-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15607
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "glow-2.1.1-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the glow-2.1.1-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15607",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15607-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "glow-2.1.1-2.1 on GA media",
"tracking": {
"current_release_date": "2025-10-08T00:00:00Z",
"generator": {
"date": "2025-10-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15607-1",
"initial_release_date": "2025-10-08T00:00:00Z",
"revision_history": [
{
"date": "2025-10-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.1-2.1.aarch64",
"product": {
"name": "glow-2.1.1-2.1.aarch64",
"product_id": "glow-2.1.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.1-2.1.aarch64",
"product": {
"name": "glow-bash-completion-2.1.1-2.1.aarch64",
"product_id": "glow-bash-completion-2.1.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.1-2.1.aarch64",
"product": {
"name": "glow-fish-completion-2.1.1-2.1.aarch64",
"product_id": "glow-fish-completion-2.1.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.1-2.1.aarch64",
"product": {
"name": "glow-zsh-completion-2.1.1-2.1.aarch64",
"product_id": "glow-zsh-completion-2.1.1-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.1-2.1.ppc64le",
"product": {
"name": "glow-2.1.1-2.1.ppc64le",
"product_id": "glow-2.1.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.1-2.1.ppc64le",
"product": {
"name": "glow-bash-completion-2.1.1-2.1.ppc64le",
"product_id": "glow-bash-completion-2.1.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.1-2.1.ppc64le",
"product": {
"name": "glow-fish-completion-2.1.1-2.1.ppc64le",
"product_id": "glow-fish-completion-2.1.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.1-2.1.ppc64le",
"product": {
"name": "glow-zsh-completion-2.1.1-2.1.ppc64le",
"product_id": "glow-zsh-completion-2.1.1-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.1-2.1.s390x",
"product": {
"name": "glow-2.1.1-2.1.s390x",
"product_id": "glow-2.1.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.1-2.1.s390x",
"product": {
"name": "glow-bash-completion-2.1.1-2.1.s390x",
"product_id": "glow-bash-completion-2.1.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.1-2.1.s390x",
"product": {
"name": "glow-fish-completion-2.1.1-2.1.s390x",
"product_id": "glow-fish-completion-2.1.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.1-2.1.s390x",
"product": {
"name": "glow-zsh-completion-2.1.1-2.1.s390x",
"product_id": "glow-zsh-completion-2.1.1-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "glow-2.1.1-2.1.x86_64",
"product": {
"name": "glow-2.1.1-2.1.x86_64",
"product_id": "glow-2.1.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "glow-bash-completion-2.1.1-2.1.x86_64",
"product": {
"name": "glow-bash-completion-2.1.1-2.1.x86_64",
"product_id": "glow-bash-completion-2.1.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "glow-fish-completion-2.1.1-2.1.x86_64",
"product": {
"name": "glow-fish-completion-2.1.1-2.1.x86_64",
"product_id": "glow-fish-completion-2.1.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "glow-zsh-completion-2.1.1-2.1.x86_64",
"product": {
"name": "glow-zsh-completion-2.1.1-2.1.x86_64",
"product_id": "glow-zsh-completion-2.1.1-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64"
},
"product_reference": "glow-2.1.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le"
},
"product_reference": "glow-2.1.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.1-2.1.s390x"
},
"product_reference": "glow-2.1.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-2.1.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64"
},
"product_reference": "glow-2.1.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64"
},
"product_reference": "glow-bash-completion-2.1.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le"
},
"product_reference": "glow-bash-completion-2.1.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x"
},
"product_reference": "glow-bash-completion-2.1.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-bash-completion-2.1.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64"
},
"product_reference": "glow-bash-completion-2.1.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64"
},
"product_reference": "glow-fish-completion-2.1.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le"
},
"product_reference": "glow-fish-completion-2.1.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x"
},
"product_reference": "glow-fish-completion-2.1.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-fish-completion-2.1.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64"
},
"product_reference": "glow-fish-completion-2.1.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64"
},
"product_reference": "glow-zsh-completion-2.1.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le"
},
"product_reference": "glow-zsh-completion-2.1.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x"
},
"product_reference": "glow-zsh-completion-2.1.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glow-zsh-completion-2.1.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
},
"product_reference": "glow-zsh-completion-2.1.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:glow-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-bash-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-fish-completion-2.1.1-2.1.x86_64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.aarch64",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.ppc64le",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.s390x",
"openSUSE Tumbleweed:glow-zsh-completion-2.1.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15743-1
Vulnerability from csaf_opensuse - Published: 2025-11-18 00:00 - Updated: 2025-11-18 00:00Summary
sbctl-0.18-2.1 on GA media
Notes
Title of the patch
sbctl-0.18-2.1 on GA media
Description of the patch
These are all security issues fixed in the sbctl-0.18-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15743
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "sbctl-0.18-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the sbctl-0.18-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15743",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15743-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "sbctl-0.18-2.1 on GA media",
"tracking": {
"current_release_date": "2025-11-18T00:00:00Z",
"generator": {
"date": "2025-11-18T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15743-1",
"initial_release_date": "2025-11-18T00:00:00Z",
"revision_history": [
{
"date": "2025-11-18T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sbctl-0.18-2.1.aarch64",
"product": {
"name": "sbctl-0.18-2.1.aarch64",
"product_id": "sbctl-0.18-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sbctl-0.18-2.1.ppc64le",
"product": {
"name": "sbctl-0.18-2.1.ppc64le",
"product_id": "sbctl-0.18-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "sbctl-0.18-2.1.s390x",
"product": {
"name": "sbctl-0.18-2.1.s390x",
"product_id": "sbctl-0.18-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sbctl-0.18-2.1.x86_64",
"product": {
"name": "sbctl-0.18-2.1.x86_64",
"product_id": "sbctl-0.18-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sbctl-0.18-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64"
},
"product_reference": "sbctl-0.18-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sbctl-0.18-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le"
},
"product_reference": "sbctl-0.18-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sbctl-0.18-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sbctl-0.18-2.1.s390x"
},
"product_reference": "sbctl-0.18-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sbctl-0.18-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
},
"product_reference": "sbctl-0.18-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64",
"openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le",
"openSUSE Tumbleweed:sbctl-0.18-2.1.s390x",
"openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64",
"openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le",
"openSUSE Tumbleweed:sbctl-0.18-2.1.s390x",
"openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64",
"openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le",
"openSUSE Tumbleweed:sbctl-0.18-2.1.s390x",
"openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64",
"openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le",
"openSUSE Tumbleweed:sbctl-0.18-2.1.s390x",
"openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64",
"openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le",
"openSUSE Tumbleweed:sbctl-0.18-2.1.s390x",
"openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:sbctl-0.18-2.1.aarch64",
"openSUSE Tumbleweed:sbctl-0.18-2.1.ppc64le",
"openSUSE Tumbleweed:sbctl-0.18-2.1.s390x",
"openSUSE Tumbleweed:sbctl-0.18-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2026:20132-1
Vulnerability from csaf_opensuse - Published: 2026-01-29 15:32 - Updated: 2026-01-29 15:32Summary
Security update for elemental-register, elemental-toolkit
Notes
Title of the patch
Security update for elemental-register, elemental-toolkit
Description of the patch
This update for elemental-register, elemental-toolkit fixes the following issues:
elemental-register was updated to 1.8.1:
Changes on top of v1.8.1:
* Update headers to 2026
* Update questions to include SL Micro 6.2
Update to v1.8.1:
* Install yip config files in before-install step
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
elemental-toolkit was updated to v2.3.2:
* Bump golang.org/x/crypto library
This includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
Patchnames
openSUSE-Leap-16.0-217
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for elemental-register, elemental-toolkit",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for elemental-register, elemental-toolkit fixes the following issues:\n\nelemental-register was updated to 1.8.1:\n\nChanges on top of v1.8.1:\n\n * Update headers to 2026\n * Update questions to include SL Micro 6.2\n\nUpdate to v1.8.1:\n\n * Install yip config files in before-install step\n * Bump github.com/rancher-sandbox/go-tpm and its dependencies\n This includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n\nelemental-toolkit was updated to v2.3.2:\n\n * Bump golang.org/x/crypto library\n This includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n * bsc#1253581 (CVE-2025-47913)\n * bsc#1253901 (CVE-2025-58181)\n * bsc#1254079 (CVE-2025-47914)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-217",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20132-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1241826",
"url": "https://bugzilla.suse.com/1241826"
},
{
"category": "self",
"summary": "SUSE Bug 1241857",
"url": "https://bugzilla.suse.com/1241857"
},
{
"category": "self",
"summary": "SUSE Bug 1251511",
"url": "https://bugzilla.suse.com/1251511"
},
{
"category": "self",
"summary": "SUSE Bug 1251679",
"url": "https://bugzilla.suse.com/1251679"
},
{
"category": "self",
"summary": "SUSE Bug 1253581",
"url": "https://bugzilla.suse.com/1253581"
},
{
"category": "self",
"summary": "SUSE Bug 1253901",
"url": "https://bugzilla.suse.com/1253901"
},
{
"category": "self",
"summary": "SUSE Bug 1254079",
"url": "https://bugzilla.suse.com/1254079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for elemental-register, elemental-toolkit",
"tracking": {
"current_release_date": "2026-01-29T15:32:26Z",
"generator": {
"date": "2026-01-29T15:32:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20132-1",
"initial_release_date": "2026-01-29T15:32:26Z",
"revision_history": [
{
"date": "2026-01-29T15:32:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.8.1-160000.1.1.aarch64",
"product": {
"name": "elemental-register-1.8.1-160000.1.1.aarch64",
"product_id": "elemental-register-1.8.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.8.1-160000.1.1.aarch64",
"product": {
"name": "elemental-support-1.8.1-160000.1.1.aarch64",
"product_id": "elemental-support-1.8.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.s390x",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.s390x",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.8.1-160000.1.1.x86_64",
"product": {
"name": "elemental-register-1.8.1-160000.1.1.x86_64",
"product_id": "elemental-register-1.8.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.8.1-160000.1.1.x86_64",
"product": {
"name": "elemental-support-1.8.1-160000.1.1.x86_64",
"product_id": "elemental-support-1.8.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.8.1-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64"
},
"product_reference": "elemental-register-1.8.1-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.8.1-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64"
},
"product_reference": "elemental-register-1.8.1-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.8.1-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64"
},
"product_reference": "elemental-support-1.8.1-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.8.1-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64"
},
"product_reference": "elemental-support-1.8.1-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-register-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-support-1.8.1-160000.1.1.x86_64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.ppc64le",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.s390x",
"openSUSE Leap 16.0:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15619-1
Vulnerability from csaf_opensuse - Published: 2025-10-09 00:00 - Updated: 2025-10-09 00:00Summary
gitea-tea-0.11.0-2.1 on GA media
Notes
Title of the patch
gitea-tea-0.11.0-2.1 on GA media
Description of the patch
These are all security issues fixed in the gitea-tea-0.11.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15619
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "gitea-tea-0.11.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the gitea-tea-0.11.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15619",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15619-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "gitea-tea-0.11.0-2.1 on GA media",
"tracking": {
"current_release_date": "2025-10-09T00:00:00Z",
"generator": {
"date": "2025-10-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15619-1",
"initial_release_date": "2025-10-09T00:00:00Z",
"revision_history": [
{
"date": "2025-10-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.0-2.1.aarch64",
"product": {
"name": "gitea-tea-0.11.0-2.1.aarch64",
"product_id": "gitea-tea-0.11.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"product": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"product_id": "gitea-tea-bash-completion-0.11.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"product": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"product_id": "gitea-tea-zsh-completion-0.11.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.0-2.1.ppc64le",
"product": {
"name": "gitea-tea-0.11.0-2.1.ppc64le",
"product_id": "gitea-tea-0.11.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"product": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"product_id": "gitea-tea-bash-completion-0.11.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"product": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"product_id": "gitea-tea-zsh-completion-0.11.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.0-2.1.s390x",
"product": {
"name": "gitea-tea-0.11.0-2.1.s390x",
"product_id": "gitea-tea-0.11.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gitea-tea-bash-completion-0.11.0-2.1.s390x",
"product": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.s390x",
"product_id": "gitea-tea-bash-completion-0.11.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"product": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"product_id": "gitea-tea-zsh-completion-0.11.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.0-2.1.x86_64",
"product": {
"name": "gitea-tea-0.11.0-2.1.x86_64",
"product_id": "gitea-tea-0.11.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"product": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"product_id": "gitea-tea-bash-completion-0.11.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "gitea-tea-zsh-completion-0.11.0-2.1.x86_64",
"product": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.x86_64",
"product_id": "gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64"
},
"product_reference": "gitea-tea-0.11.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le"
},
"product_reference": "gitea-tea-0.11.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x"
},
"product_reference": "gitea-tea-0.11.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64"
},
"product_reference": "gitea-tea-0.11.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64"
},
"product_reference": "gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le"
},
"product_reference": "gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x"
},
"product_reference": "gitea-tea-bash-completion-0.11.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-bash-completion-0.11.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64"
},
"product_reference": "gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64"
},
"product_reference": "gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le"
},
"product_reference": "gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x"
},
"product_reference": "gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-zsh-completion-0.11.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
},
"product_reference": "gitea-tea-zsh-completion-0.11.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-bash-completion-0.11.0-2.1.x86_64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.aarch64",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.ppc64le",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.s390x",
"openSUSE Tumbleweed:gitea-tea-zsh-completion-0.11.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15730-1
Vulnerability from csaf_opensuse - Published: 2025-11-12 00:00 - Updated: 2025-11-12 00:00Summary
helm-3.19.1-1.1 on GA media
Notes
Title of the patch
helm-3.19.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the helm-3.19.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15730
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "helm-3.19.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the helm-3.19.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15730",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15730-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "helm-3.19.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-12T00:00:00Z",
"generator": {
"date": "2025-11-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15730-1",
"initial_release_date": "2025-11-12T00:00:00Z",
"revision_history": [
{
"date": "2025-11-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.aarch64",
"product": {
"name": "helm-3.19.1-1.1.aarch64",
"product_id": "helm-3.19.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-1.1.aarch64",
"product": {
"name": "helm-bash-completion-3.19.1-1.1.aarch64",
"product_id": "helm-bash-completion-3.19.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.19.1-1.1.aarch64",
"product": {
"name": "helm-fish-completion-3.19.1-1.1.aarch64",
"product_id": "helm-fish-completion-3.19.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.19.1-1.1.aarch64",
"product": {
"name": "helm-zsh-completion-3.19.1-1.1.aarch64",
"product_id": "helm-zsh-completion-3.19.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.ppc64le",
"product": {
"name": "helm-3.19.1-1.1.ppc64le",
"product_id": "helm-3.19.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-1.1.ppc64le",
"product": {
"name": "helm-bash-completion-3.19.1-1.1.ppc64le",
"product_id": "helm-bash-completion-3.19.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.19.1-1.1.ppc64le",
"product": {
"name": "helm-fish-completion-3.19.1-1.1.ppc64le",
"product_id": "helm-fish-completion-3.19.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.19.1-1.1.ppc64le",
"product": {
"name": "helm-zsh-completion-3.19.1-1.1.ppc64le",
"product_id": "helm-zsh-completion-3.19.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.s390x",
"product": {
"name": "helm-3.19.1-1.1.s390x",
"product_id": "helm-3.19.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-1.1.s390x",
"product": {
"name": "helm-bash-completion-3.19.1-1.1.s390x",
"product_id": "helm-bash-completion-3.19.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.19.1-1.1.s390x",
"product": {
"name": "helm-fish-completion-3.19.1-1.1.s390x",
"product_id": "helm-fish-completion-3.19.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.19.1-1.1.s390x",
"product": {
"name": "helm-zsh-completion-3.19.1-1.1.s390x",
"product_id": "helm-zsh-completion-3.19.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.x86_64",
"product": {
"name": "helm-3.19.1-1.1.x86_64",
"product_id": "helm-3.19.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-1.1.x86_64",
"product": {
"name": "helm-bash-completion-3.19.1-1.1.x86_64",
"product_id": "helm-bash-completion-3.19.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.19.1-1.1.x86_64",
"product": {
"name": "helm-fish-completion-3.19.1-1.1.x86_64",
"product_id": "helm-fish-completion-3.19.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.19.1-1.1.x86_64",
"product": {
"name": "helm-zsh-completion-3.19.1-1.1.x86_64",
"product_id": "helm-zsh-completion-3.19.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64"
},
"product_reference": "helm-3.19.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le"
},
"product_reference": "helm-3.19.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.19.1-1.1.s390x"
},
"product_reference": "helm-3.19.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64"
},
"product_reference": "helm-3.19.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64"
},
"product_reference": "helm-bash-completion-3.19.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le"
},
"product_reference": "helm-bash-completion-3.19.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x"
},
"product_reference": "helm-bash-completion-3.19.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64"
},
"product_reference": "helm-bash-completion-3.19.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64"
},
"product_reference": "helm-fish-completion-3.19.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le"
},
"product_reference": "helm-fish-completion-3.19.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x"
},
"product_reference": "helm-fish-completion-3.19.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64"
},
"product_reference": "helm-fish-completion-3.19.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64"
},
"product_reference": "helm-zsh-completion-3.19.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le"
},
"product_reference": "helm-zsh-completion-3.19.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x"
},
"product_reference": "helm-zsh-completion-3.19.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
},
"product_reference": "helm-zsh-completion-3.19.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-bash-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-fish-completion-3.19.1-1.1.x86_64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.aarch64",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.ppc64le",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.s390x",
"openSUSE Tumbleweed:helm-zsh-completion-3.19.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:20118-1
Vulnerability from csaf_opensuse - Published: 2025-11-27 12:30 - Updated: 2025-11-27 12:30Summary
Security update for gitea-tea
Notes
Title of the patch
Security update for gitea-tea
Description of the patch
This update for gitea-tea fixes the following issues:
Changes in gitea-tea:
- update to 0.11.1:
* 61d4e57 Fix Pr Create crash (#823)
* 4f33146 add test for matching logins (#820)
* 08b8398 Update README.md (#819)
- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially crafted input (boo#1251663)
- CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents (boo#1251471)
- update to 0.11.0:
* Fix yaml output single quote (#814)
* generate man page (#811)
* feat: add validation for object-format flag in repo create
command (#741)
* Fix release version (#815)
* update gitea sdk to v0.22 (#813)
* don't fallback login directly (#806)
* Check duplicated login name in interact mode when creating new
login (#803)
* Fix bug when output json with special chars (#801)
* add debug mode and update readme (#805)
* update go.mod to retract the wrong tag v1.3.3 (#802)
* revert completion scripts removal (#808)
* Remove pagination from context (#807)
* Continue auth when failed to open browser (#794)
* Fix bug (#793)
* Fix tea login add with ssh public key bug (#789)
* Add temporary authentication via environment variables (#639)
* Fix attachment size (#787)
* deploy image when tagging (#792)
* Add Zip URL for release list (#788)
* Use bubbletea instead of survey for interacting with TUI (#786)
* capitalize a few items
* rm out of date comparison file
* README: Document logging in to gitea (#790)
* remove autocomplete command (#782)
* chore(deps): update ghcr.io/devcontainers/features/git-lfs
docker tag to v1.2.5 (#773)
* replace arch package url (#783)
* fix: Reenable -p and --limit switches (#778)
- Update to 0.10.1+git.1757695903.cc20b52:
- feat: add validation for object-format flag in repo create
command (see gh#openSUSE/openSUSE-git#60)
- Fix release version
- update gitea sdk to v0.22
- don't fallback login directly
- Check duplicated login name in interact mode when creating
new login
- Fix bug when output json with special chars
- add debug mode and update readme
- update go.mod to retract the wrong tag v1.3.3
- revert completion scripts removal
- Remove pagination from context
- Continue auth when failed to open browser
- Fix bug
- Fix tea login add with ssh public key bug
- Add temporary authentication via environment variables
- Fix attachment size
- deploy image when tagging
- Add Zip URL for release list
- Use bubbletea instead of survey for interacting with TUI
- capitalize a few items
- rm out of date comparison file
- README: Document logging in to gitea
- remove autocomplete command
- chore(deps): update ghcr.io/devcontainers/features/git-lfs
docker tag to v1.2.5
- replace arch package url
- fix: Reenable `-p` and `--limit` switches
Patchnames
openSUSE-Leap-16.0-packagehub-34
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gitea-tea",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gitea-tea fixes the following issues:\n\nChanges in gitea-tea:\n\n- update to 0.11.1:\n * 61d4e57 Fix Pr Create crash (#823)\n * 4f33146 add test for matching logins (#820)\n * 08b8398 Update README.md (#819)\n\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially crafted input (boo#1251663)\n- CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents (boo#1251471)\n\n- update to 0.11.0:\n * Fix yaml output single quote (#814)\n * generate man page (#811)\n * feat: add validation for object-format flag in repo create\n command (#741)\n * Fix release version (#815)\n * update gitea sdk to v0.22 (#813)\n * don\u0027t fallback login directly (#806)\n * Check duplicated login name in interact mode when creating new\n login (#803)\n * Fix bug when output json with special chars (#801)\n * add debug mode and update readme (#805)\n * update go.mod to retract the wrong tag v1.3.3 (#802)\n * revert completion scripts removal (#808)\n * Remove pagination from context (#807)\n * Continue auth when failed to open browser (#794)\n * Fix bug (#793)\n * Fix tea login add with ssh public key bug (#789)\n * Add temporary authentication via environment variables (#639)\n * Fix attachment size (#787)\n * deploy image when tagging (#792)\n * Add Zip URL for release list (#788)\n * Use bubbletea instead of survey for interacting with TUI (#786)\n * capitalize a few items\n * rm out of date comparison file\n * README: Document logging in to gitea (#790)\n * remove autocomplete command (#782)\n * chore(deps): update ghcr.io/devcontainers/features/git-lfs\n docker tag to v1.2.5 (#773)\n * replace arch package url (#783)\n * fix: Reenable -p and --limit switches (#778)\n\n- Update to 0.10.1+git.1757695903.cc20b52:\n - feat: add validation for object-format flag in repo create\n command (see gh#openSUSE/openSUSE-git#60)\n - Fix release version\n - update gitea sdk to v0.22\n - don\u0027t fallback login directly\n - Check duplicated login name in interact mode when creating\n new login\n - Fix bug when output json with special chars\n - add debug mode and update readme\n - update go.mod to retract the wrong tag v1.3.3\n - revert completion scripts removal\n - Remove pagination from context\n - Continue auth when failed to open browser\n - Fix bug\n - Fix tea login add with ssh public key bug\n - Add temporary authentication via environment variables\n - Fix attachment size\n - deploy image when tagging\n - Add Zip URL for release list\n - Use bubbletea instead of survey for interacting with TUI\n - capitalize a few items\n - rm out of date comparison file\n - README: Document logging in to gitea\n - remove autocomplete command\n - chore(deps): update ghcr.io/devcontainers/features/git-lfs\n docker tag to v1.2.5\n - replace arch package url\n - fix: Reenable `-p` and `--limit` switches\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-34",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_20118-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1251471",
"url": "https://bugzilla.suse.com/1251471"
},
{
"category": "self",
"summary": "SUSE Bug 1251663",
"url": "https://bugzilla.suse.com/1251663"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for gitea-tea",
"tracking": {
"current_release_date": "2025-11-27T12:30:27Z",
"generator": {
"date": "2025-11-27T12:30:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:20118-1",
"initial_release_date": "2025-11-27T12:30:27Z",
"revision_history": [
{
"date": "2025-11-27T12:30:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.1-bp160.1.1.aarch64",
"product": {
"name": "gitea-tea-0.11.1-bp160.1.1.aarch64",
"product_id": "gitea-tea-0.11.1-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"product": {
"name": "gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"product_id": "gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch"
}
},
{
"category": "product_version",
"name": "gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch",
"product": {
"name": "gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch",
"product_id": "gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.1-bp160.1.1.ppc64le",
"product": {
"name": "gitea-tea-0.11.1-bp160.1.1.ppc64le",
"product_id": "gitea-tea-0.11.1-bp160.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.1-bp160.1.1.s390x",
"product": {
"name": "gitea-tea-0.11.1-bp160.1.1.s390x",
"product_id": "gitea-tea-0.11.1-bp160.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gitea-tea-0.11.1-bp160.1.1.x86_64",
"product": {
"name": "gitea-tea-0.11.1-bp160.1.1.x86_64",
"product_id": "gitea-tea-0.11.1-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.1-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64"
},
"product_reference": "gitea-tea-0.11.1-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.1-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le"
},
"product_reference": "gitea-tea-0.11.1-bp160.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.1-bp160.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x"
},
"product_reference": "gitea-tea-0.11.1-bp160.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-0.11.1-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64"
},
"product_reference": "gitea-tea-0.11.1-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch"
},
"product_reference": "gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
},
"product_reference": "gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:30:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:gitea-tea-0.11.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:gitea-tea-bash-completion-0.11.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:gitea-tea-zsh-completion-0.11.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-27T12:30:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15654-1
Vulnerability from csaf_opensuse - Published: 2025-10-21 00:00 - Updated: 2025-10-21 00:00Summary
git-bug-0.10.1-2.1 on GA media
Notes
Title of the patch
git-bug-0.10.1-2.1 on GA media
Description of the patch
These are all security issues fixed in the git-bug-0.10.1-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15654
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "git-bug-0.10.1-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the git-bug-0.10.1-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15654",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15654-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "git-bug-0.10.1-2.1 on GA media",
"tracking": {
"current_release_date": "2025-10-21T00:00:00Z",
"generator": {
"date": "2025-10-21T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15654-1",
"initial_release_date": "2025-10-21T00:00:00Z",
"revision_history": [
{
"date": "2025-10-21T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-2.1.aarch64",
"product": {
"name": "git-bug-0.10.1-2.1.aarch64",
"product_id": "git-bug-0.10.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-2.1.aarch64",
"product": {
"name": "git-bug-bash-completion-0.10.1-2.1.aarch64",
"product_id": "git-bug-bash-completion-0.10.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-2.1.aarch64",
"product": {
"name": "git-bug-fish-completion-0.10.1-2.1.aarch64",
"product_id": "git-bug-fish-completion-0.10.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-2.1.aarch64",
"product": {
"name": "git-bug-zsh-completion-0.10.1-2.1.aarch64",
"product_id": "git-bug-zsh-completion-0.10.1-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-2.1.ppc64le",
"product": {
"name": "git-bug-0.10.1-2.1.ppc64le",
"product_id": "git-bug-0.10.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-2.1.ppc64le",
"product": {
"name": "git-bug-bash-completion-0.10.1-2.1.ppc64le",
"product_id": "git-bug-bash-completion-0.10.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-2.1.ppc64le",
"product": {
"name": "git-bug-fish-completion-0.10.1-2.1.ppc64le",
"product_id": "git-bug-fish-completion-0.10.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"product": {
"name": "git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"product_id": "git-bug-zsh-completion-0.10.1-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-2.1.s390x",
"product": {
"name": "git-bug-0.10.1-2.1.s390x",
"product_id": "git-bug-0.10.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-2.1.s390x",
"product": {
"name": "git-bug-bash-completion-0.10.1-2.1.s390x",
"product_id": "git-bug-bash-completion-0.10.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-2.1.s390x",
"product": {
"name": "git-bug-fish-completion-0.10.1-2.1.s390x",
"product_id": "git-bug-fish-completion-0.10.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-2.1.s390x",
"product": {
"name": "git-bug-zsh-completion-0.10.1-2.1.s390x",
"product_id": "git-bug-zsh-completion-0.10.1-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-2.1.x86_64",
"product": {
"name": "git-bug-0.10.1-2.1.x86_64",
"product_id": "git-bug-0.10.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-2.1.x86_64",
"product": {
"name": "git-bug-bash-completion-0.10.1-2.1.x86_64",
"product_id": "git-bug-bash-completion-0.10.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-2.1.x86_64",
"product": {
"name": "git-bug-fish-completion-0.10.1-2.1.x86_64",
"product_id": "git-bug-fish-completion-0.10.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-2.1.x86_64",
"product": {
"name": "git-bug-zsh-completion-0.10.1-2.1.x86_64",
"product_id": "git-bug-zsh-completion-0.10.1-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64"
},
"product_reference": "git-bug-0.10.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le"
},
"product_reference": "git-bug-0.10.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x"
},
"product_reference": "git-bug-0.10.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64"
},
"product_reference": "git-bug-0.10.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64"
},
"product_reference": "git-bug-bash-completion-0.10.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le"
},
"product_reference": "git-bug-bash-completion-0.10.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x"
},
"product_reference": "git-bug-bash-completion-0.10.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64"
},
"product_reference": "git-bug-bash-completion-0.10.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64"
},
"product_reference": "git-bug-fish-completion-0.10.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le"
},
"product_reference": "git-bug-fish-completion-0.10.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x"
},
"product_reference": "git-bug-fish-completion-0.10.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64"
},
"product_reference": "git-bug-fish-completion-0.10.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64"
},
"product_reference": "git-bug-zsh-completion-0.10.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le"
},
"product_reference": "git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x"
},
"product_reference": "git-bug-zsh-completion-0.10.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
},
"product_reference": "git-bug-zsh-completion-0.10.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-21T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-bash-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-fish-completion-0.10.1-2.1.x86_64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.aarch64",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.ppc64le",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.s390x",
"openSUSE Tumbleweed:git-bug-zsh-completion-0.10.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-21T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15617-1
Vulnerability from csaf_opensuse - Published: 2025-10-09 00:00 - Updated: 2025-10-09 00:00Summary
forgejo-12.0.4-2.1 on GA media
Notes
Title of the patch
forgejo-12.0.4-2.1 on GA media
Description of the patch
These are all security issues fixed in the forgejo-12.0.4-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15617
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "forgejo-12.0.4-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the forgejo-12.0.4-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15617",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15617-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "forgejo-12.0.4-2.1 on GA media",
"tracking": {
"current_release_date": "2025-10-09T00:00:00Z",
"generator": {
"date": "2025-10-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15617-1",
"initial_release_date": "2025-10-09T00:00:00Z",
"revision_history": [
{
"date": "2025-10-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "forgejo-12.0.4-2.1.aarch64",
"product": {
"name": "forgejo-12.0.4-2.1.aarch64",
"product_id": "forgejo-12.0.4-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-12.0.4-2.1.aarch64",
"product": {
"name": "forgejo-apparmor-12.0.4-2.1.aarch64",
"product_id": "forgejo-apparmor-12.0.4-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"product": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"product_id": "forgejo-environment-to-ini-12.0.4-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-12.0.4-2.1.aarch64",
"product": {
"name": "forgejo-firewalld-12.0.4-2.1.aarch64",
"product_id": "forgejo-firewalld-12.0.4-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-12.0.4-2.1.aarch64",
"product": {
"name": "forgejo-selinux-12.0.4-2.1.aarch64",
"product_id": "forgejo-selinux-12.0.4-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-12.0.4-2.1.ppc64le",
"product": {
"name": "forgejo-12.0.4-2.1.ppc64le",
"product_id": "forgejo-12.0.4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-12.0.4-2.1.ppc64le",
"product": {
"name": "forgejo-apparmor-12.0.4-2.1.ppc64le",
"product_id": "forgejo-apparmor-12.0.4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"product": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"product_id": "forgejo-environment-to-ini-12.0.4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-12.0.4-2.1.ppc64le",
"product": {
"name": "forgejo-firewalld-12.0.4-2.1.ppc64le",
"product_id": "forgejo-firewalld-12.0.4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-12.0.4-2.1.ppc64le",
"product": {
"name": "forgejo-selinux-12.0.4-2.1.ppc64le",
"product_id": "forgejo-selinux-12.0.4-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-12.0.4-2.1.s390x",
"product": {
"name": "forgejo-12.0.4-2.1.s390x",
"product_id": "forgejo-12.0.4-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-12.0.4-2.1.s390x",
"product": {
"name": "forgejo-apparmor-12.0.4-2.1.s390x",
"product_id": "forgejo-apparmor-12.0.4-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-environment-to-ini-12.0.4-2.1.s390x",
"product": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.s390x",
"product_id": "forgejo-environment-to-ini-12.0.4-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-12.0.4-2.1.s390x",
"product": {
"name": "forgejo-firewalld-12.0.4-2.1.s390x",
"product_id": "forgejo-firewalld-12.0.4-2.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-12.0.4-2.1.s390x",
"product": {
"name": "forgejo-selinux-12.0.4-2.1.s390x",
"product_id": "forgejo-selinux-12.0.4-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-12.0.4-2.1.x86_64",
"product": {
"name": "forgejo-12.0.4-2.1.x86_64",
"product_id": "forgejo-12.0.4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-12.0.4-2.1.x86_64",
"product": {
"name": "forgejo-apparmor-12.0.4-2.1.x86_64",
"product_id": "forgejo-apparmor-12.0.4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"product": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"product_id": "forgejo-environment-to-ini-12.0.4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-12.0.4-2.1.x86_64",
"product": {
"name": "forgejo-firewalld-12.0.4-2.1.x86_64",
"product_id": "forgejo-firewalld-12.0.4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-12.0.4-2.1.x86_64",
"product": {
"name": "forgejo-selinux-12.0.4-2.1.x86_64",
"product_id": "forgejo-selinux-12.0.4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-12.0.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64"
},
"product_reference": "forgejo-12.0.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-12.0.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le"
},
"product_reference": "forgejo-12.0.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-12.0.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x"
},
"product_reference": "forgejo-12.0.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-12.0.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64"
},
"product_reference": "forgejo-12.0.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-12.0.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64"
},
"product_reference": "forgejo-apparmor-12.0.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-12.0.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le"
},
"product_reference": "forgejo-apparmor-12.0.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-12.0.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x"
},
"product_reference": "forgejo-apparmor-12.0.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-12.0.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64"
},
"product_reference": "forgejo-apparmor-12.0.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64"
},
"product_reference": "forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le"
},
"product_reference": "forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x"
},
"product_reference": "forgejo-environment-to-ini-12.0.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-environment-to-ini-12.0.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64"
},
"product_reference": "forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-12.0.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64"
},
"product_reference": "forgejo-firewalld-12.0.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-12.0.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le"
},
"product_reference": "forgejo-firewalld-12.0.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-12.0.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x"
},
"product_reference": "forgejo-firewalld-12.0.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-12.0.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64"
},
"product_reference": "forgejo-firewalld-12.0.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-12.0.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64"
},
"product_reference": "forgejo-selinux-12.0.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-12.0.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le"
},
"product_reference": "forgejo-selinux-12.0.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-12.0.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x"
},
"product_reference": "forgejo-selinux-12.0.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-12.0.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
},
"product_reference": "forgejo-selinux-12.0.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-environment-to-ini-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-12.0.4-2.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-12.0.4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2026:20044-1
Vulnerability from csaf_opensuse - Published: 2026-01-15 17:56 - Updated: 2026-01-15 17:56Summary
Security update for alloy
Notes
Title of the patch
Security update for alloy
Description of the patch
This update for alloy fixes the following issues:
Upgrade to version 1.12.1.
Security issues fixed:
- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents
(bsc#1251509).
- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially
crafted input (bsc#1251716).
- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253609).
Other updates and bugfixes:
- Version 1.12.1:
* Bugfixes
- update to Beyla 2.7.10.
- Version 1.12.0:
* Breaking changes
- `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component
ID instead of the hostname as their instance label in their exported metrics.
* Features
- (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare's LogPush
jobs.
- (Experimental) Additions to experimental `database_observability.mysql` component:
- `explain_plans`
- collector now changes schema before returning the connection to the pool.
- collector now passes queries more permissively.
- enable `explain_plans` collector by default
- (Experimental) Additions to experimental `database_observability.postgres` component:
- `explain_plans`
- added the explain plan collector.
- collector now passes queries more permissively.
- `query_samples`
- add user field to wait events within `query_samples` collector.
- rework the query samples collector to buffer per-query execution state across scrapes and emit finalized
entries.
- process turned idle rows to calculate finalization times precisely and emit first seen idle rows.
- `query_details`
- escape queries coming from `pg_stat_statements` with quotes.
- enable `explain_plans` collector by default.
- safely generate `server_id` when UDP socket used for database connection.
- add table registry and include "validated" in parsed table name logs.
- Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud
Pub/Sub topic.
- Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.
- Send remote config status to the remote server for the `remotecfg` service.
- Send effective config to the remote server for the `remotecfg` service.
- Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting
both the query ID and the full SQL statement. The new block includes one option to enable statement selection,
and another to configure the maximum length of the statement text.
- Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.
- Add `u_probe_links` & `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of
the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.
- Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.
- Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.
- Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular
expression.
- OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.
- See the upstream
[core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)
and
[contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)
changelogs for more details.
- A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them
into a Mimir instance.
- Mark `stage.windowsevent` block in the `loki.process` component as GA.
* Enhancements
- Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one
application from consuming the rate limit quota of others.
- Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and
`pyroscope.receive_http`.
- Remove `SendSIGKILL=no` from unit files and recommendations.
- Reduce memory overhead of `prometheus.remote_write`'s WAL by lowering the size of the allocated series storage.
- Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from
`prometheus.relabel`.
- `prometheus.exporter.postgres` dependency has been updated to v0.18.1.
- Update Beyla component to 2.7.8.
- Support delimiters in `stage.luhn`.
- `pyroscope.java`: update `async-profiler` to 4.2.
- `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.
- `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.
- `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata
labels for use by downstream components.
- Rework underlying framework of Alloy UI to use Vite instead of Create React App.
- Use POST requests for remote config requests to avoid hitting http2 header limits.
- `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after
`graceful_shutdown_timeout` has expired.
- `kubernetes.discovery`: Add support for attaching namespace metadata.
- Add `meta_cache_address` to `beyla.ebpf` component.
* Bugfixes
- Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.
- Fix direction of arrows for pyroscope components in UI graph.
- Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.
- Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.
- Fix issues with "unknown series ref when trying to add exemplar" from `prometheus.remote_write` by allowing
series ref links to be updated if they change.
- Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node
filtering is enabled, preventing "Index with name `field:spec.nodeName` does not exist" errors.
- Fix issue in `loki.source.file` where scheduling files could take too long.
- Fix `loki.write` no longer includes internal labels __.
- Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.
- `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to
true.
- `loki.source.file` has better support for non-UTF-8 encoded files.
- Fix the `loki.write` endpoint block's `enable_http2` attribute to actually affect the client.
- Optionally remove trailing newlines before appending entries in `stage.multiline`.
- `loki.source.api` no longer drops request when relabel rules drops a specific stream.
Patchnames
openSUSE-Leap-16.0-149
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for alloy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for alloy fixes the following issues:\n\nUpgrade to version 1.12.1.\n\n\nSecurity issues fixed:\n\n- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents\n (bsc#1251509).\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially\n crafted input (bsc#1251716).\n- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in\n response to a key listing or signing request (bsc#1253609).\n\nOther updates and bugfixes:\n\n- Version 1.12.1:\n * Bugfixes\n - update to Beyla 2.7.10.\n\n- Version 1.12.0:\n * Breaking changes\n - `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component\n ID instead of the hostname as their instance label in their exported metrics.\n * Features\n - (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare\u0027s LogPush\n jobs.\n - (Experimental) Additions to experimental `database_observability.mysql` component:\n - `explain_plans`\n - collector now changes schema before returning the connection to the pool.\n - collector now passes queries more permissively.\n - enable `explain_plans` collector by default\n - (Experimental) Additions to experimental `database_observability.postgres` component:\n - `explain_plans`\n - added the explain plan collector.\n - collector now passes queries more permissively.\n - `query_samples`\n - add user field to wait events within `query_samples` collector.\n - rework the query samples collector to buffer per-query execution state across scrapes and emit finalized\n entries.\n - process turned idle rows to calculate finalization times precisely and emit first seen idle rows.\n - `query_details`\n - escape queries coming from `pg_stat_statements` with quotes.\n - enable `explain_plans` collector by default.\n - safely generate `server_id` when UDP socket used for database connection.\n - add table registry and include \"validated\" in parsed table name logs.\n - Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud\n Pub/Sub topic.\n - Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.\n - Send remote config status to the remote server for the `remotecfg` service.\n - Send effective config to the remote server for the `remotecfg` service.\n - Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting\n both the query ID and the full SQL statement. The new block includes one option to enable statement selection,\n and another to configure the maximum length of the statement text.\n - Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.\n - Add `u_probe_links` \u0026 `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of\n the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.\n - Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.\n - Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.\n - Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular\n expression.\n - OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.\n - See the upstream\n [core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)\n and\n [contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)\n changelogs for more details.\n - A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them\n into a Mimir instance.\n - Mark `stage.windowsevent` block in the `loki.process` component as GA.\n * Enhancements\n - Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one\n application from consuming the rate limit quota of others.\n - Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and\n `pyroscope.receive_http`.\n - Remove `SendSIGKILL=no` from unit files and recommendations.\n - Reduce memory overhead of `prometheus.remote_write`\u0027s WAL by lowering the size of the allocated series storage.\n - Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from\n `prometheus.relabel`.\n - `prometheus.exporter.postgres` dependency has been updated to v0.18.1.\n - Update Beyla component to 2.7.8.\n - Support delimiters in `stage.luhn`.\n - `pyroscope.java`: update `async-profiler` to 4.2.\n - `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.\n - `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.\n - `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata\n labels for use by downstream components.\n - Rework underlying framework of Alloy UI to use Vite instead of Create React App.\n - Use POST requests for remote config requests to avoid hitting http2 header limits.\n - `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after\n `graceful_shutdown_timeout` has expired.\n - `kubernetes.discovery`: Add support for attaching namespace metadata.\n - Add `meta_cache_address` to `beyla.ebpf` component.\n * Bugfixes\n - Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.\n - Fix direction of arrows for pyroscope components in UI graph.\n - Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.\n - Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.\n - Fix issues with \"unknown series ref when trying to add exemplar\" from `prometheus.remote_write` by allowing\n series ref links to be updated if they change.\n - Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node\n filtering is enabled, preventing \"Index with name `field:spec.nodeName` does not exist\" errors.\n - Fix issue in `loki.source.file` where scheduling files could take too long.\n - Fix `loki.write` no longer includes internal labels __.\n - Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.\n - `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to\n true.\n - `loki.source.file` has better support for non-UTF-8 encoded files.\n - Fix the `loki.write` endpoint block\u0027s `enable_http2` attribute to actually affect the client.\n - Optionally remove trailing newlines before appending entries in `stage.multiline`.\n - `loki.source.api` no longer drops request when relabel rules drops a specific stream.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-149",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20044-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1251509",
"url": "https://bugzilla.suse.com/1251509"
},
{
"category": "self",
"summary": "SUSE Bug 1251716",
"url": "https://bugzilla.suse.com/1251716"
},
{
"category": "self",
"summary": "SUSE Bug 1253609",
"url": "https://bugzilla.suse.com/1253609"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for alloy",
"tracking": {
"current_release_date": "2026-01-15T17:56:17Z",
"generator": {
"date": "2026-01-15T17:56:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20044-1",
"initial_release_date": "2026-01-15T17:56:17Z",
"revision_history": [
{
"date": "2026-01-15T17:56:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.aarch64",
"product": {
"name": "alloy-1.12.1-160000.1.1.aarch64",
"product_id": "alloy-1.12.1-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.ppc64le",
"product": {
"name": "alloy-1.12.1-160000.1.1.ppc64le",
"product_id": "alloy-1.12.1-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.s390x",
"product": {
"name": "alloy-1.12.1-160000.1.1.s390x",
"product_id": "alloy-1.12.1-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.x86_64",
"product": {
"name": "alloy-1.12.1-160000.1.1.x86_64",
"product_id": "alloy-1.12.1-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64"
},
"product_reference": "alloy-1.12.1-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le"
},
"product_reference": "alloy-1.12.1-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x"
},
"product_reference": "alloy-1.12.1-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
},
"product_reference": "alloy-1.12.1-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:56:17Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.aarch64",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.s390x",
"openSUSE Leap 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15620-1
Vulnerability from csaf_opensuse - Published: 2025-10-09 00:00 - Updated: 2025-10-09 00:00Summary
headscale-0.26.1-2.1 on GA media
Notes
Title of the patch
headscale-0.26.1-2.1 on GA media
Description of the patch
These are all security issues fixed in the headscale-0.26.1-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15620
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "headscale-0.26.1-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the headscale-0.26.1-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15620",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15620-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "headscale-0.26.1-2.1 on GA media",
"tracking": {
"current_release_date": "2025-10-09T00:00:00Z",
"generator": {
"date": "2025-10-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15620-1",
"initial_release_date": "2025-10-09T00:00:00Z",
"revision_history": [
{
"date": "2025-10-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "headscale-0.26.1-2.1.aarch64",
"product": {
"name": "headscale-0.26.1-2.1.aarch64",
"product_id": "headscale-0.26.1-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "headscale-0.26.1-2.1.ppc64le",
"product": {
"name": "headscale-0.26.1-2.1.ppc64le",
"product_id": "headscale-0.26.1-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "headscale-0.26.1-2.1.s390x",
"product": {
"name": "headscale-0.26.1-2.1.s390x",
"product_id": "headscale-0.26.1-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "headscale-0.26.1-2.1.x86_64",
"product": {
"name": "headscale-0.26.1-2.1.x86_64",
"product_id": "headscale-0.26.1-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "headscale-0.26.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64"
},
"product_reference": "headscale-0.26.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "headscale-0.26.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le"
},
"product_reference": "headscale-0.26.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "headscale-0.26.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x"
},
"product_reference": "headscale-0.26.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "headscale-0.26.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
},
"product_reference": "headscale-0.26.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:headscale-0.26.1-2.1.aarch64",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.ppc64le",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.s390x",
"openSUSE Tumbleweed:headscale-0.26.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15709-1
Vulnerability from csaf_opensuse - Published: 2025-11-07 00:00 - Updated: 2025-11-07 00:00Summary
google-osconfig-agent-20251028.00-1.1 on GA media
Notes
Title of the patch
google-osconfig-agent-20251028.00-1.1 on GA media
Description of the patch
These are all security issues fixed in the google-osconfig-agent-20251028.00-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15709
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "google-osconfig-agent-20251028.00-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the google-osconfig-agent-20251028.00-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15709",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15709-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "google-osconfig-agent-20251028.00-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-07T00:00:00Z",
"generator": {
"date": "2025-11-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15709-1",
"initial_release_date": "2025-11-07T00:00:00Z",
"revision_history": [
{
"date": "2025-11-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20251028.00-1.1.aarch64",
"product": {
"name": "google-osconfig-agent-20251028.00-1.1.aarch64",
"product_id": "google-osconfig-agent-20251028.00-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20251028.00-1.1.ppc64le",
"product": {
"name": "google-osconfig-agent-20251028.00-1.1.ppc64le",
"product_id": "google-osconfig-agent-20251028.00-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20251028.00-1.1.s390x",
"product": {
"name": "google-osconfig-agent-20251028.00-1.1.s390x",
"product_id": "google-osconfig-agent-20251028.00-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "google-osconfig-agent-20251028.00-1.1.x86_64",
"product": {
"name": "google-osconfig-agent-20251028.00-1.1.x86_64",
"product_id": "google-osconfig-agent-20251028.00-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20251028.00-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64"
},
"product_reference": "google-osconfig-agent-20251028.00-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20251028.00-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le"
},
"product_reference": "google-osconfig-agent-20251028.00-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20251028.00-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x"
},
"product_reference": "google-osconfig-agent-20251028.00-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "google-osconfig-agent-20251028.00-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
},
"product_reference": "google-osconfig-agent-20251028.00-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.aarch64",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.ppc64le",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.s390x",
"openSUSE Tumbleweed:google-osconfig-agent-20251028.00-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15830-1
Vulnerability from csaf_opensuse - Published: 2025-12-19 00:00 - Updated: 2025-12-19 00:00Summary
alloy-1.12.0-2.1 on GA media
Notes
Title of the patch
alloy-1.12.0-2.1 on GA media
Description of the patch
These are all security issues fixed in the alloy-1.12.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15830
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "alloy-1.12.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the alloy-1.12.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15830",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15830-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "alloy-1.12.0-2.1 on GA media",
"tracking": {
"current_release_date": "2025-12-19T00:00:00Z",
"generator": {
"date": "2025-12-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15830-1",
"initial_release_date": "2025-12-19T00:00:00Z",
"revision_history": [
{
"date": "2025-12-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.0-2.1.aarch64",
"product": {
"name": "alloy-1.12.0-2.1.aarch64",
"product_id": "alloy-1.12.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.0-2.1.ppc64le",
"product": {
"name": "alloy-1.12.0-2.1.ppc64le",
"product_id": "alloy-1.12.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.0-2.1.s390x",
"product": {
"name": "alloy-1.12.0-2.1.s390x",
"product_id": "alloy-1.12.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.0-2.1.x86_64",
"product": {
"name": "alloy-1.12.0-2.1.x86_64",
"product_id": "alloy-1.12.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64"
},
"product_reference": "alloy-1.12.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le"
},
"product_reference": "alloy-1.12.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x"
},
"product_reference": "alloy-1.12.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
},
"product_reference": "alloy-1.12.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.12.0-2.1.aarch64",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.s390x",
"openSUSE Tumbleweed:alloy-1.12.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:20143-1
Vulnerability from csaf_opensuse - Published: 2025-12-04 13:08 - Updated: 2025-12-04 13:08Summary
Security update for git-bug
Notes
Title of the patch
Security update for git-bug
Description of the patch
This update for git-bug fixes the following issues:
Changes in git-bug:
- Revendor to include fixed version of depending libraries:
- GO-2025-4116 (CVE-2025-47913, bsc#1253506) upgrade
golang.org/x/crypto to v0.43.0
- GO-2025-3900 (GHSA-2464-8j7c-4cjm) upgrade
github.com/go-viper/mapstructure/v2 to v2.4.0
- GO-2025-3787 (GHSA-fv92-fjc5-jj9h) included in the previous
- GO-2025-3754 (GHSA-2x5j-vhc8-9cwm) upgrade
github.com/cloudflare/circl to v1.6.1
- GO-2025-4134 (CVE-2025-58181, bsc#1253930) upgrade
golang.org/x/crypto/ssh to v0.45.0
- GO-2025-4135 (CVE-2025-47914, bsc#1254084) upgrade
golang.org/x/crypto/ssh/agent to v0.45.0
- Revendor to include golang.org/x/net/html v 0.45.0 to prevent
possible DoS by various algorithms with quadratic complexity
when parsing HTML documents (bsc#1251463, CVE-2025-47911 and
bsc#1251664, CVE-2025-58190).
Update to version 0.10.1:
- cli: ignore missing sections when removing configuration (ddb22a2f)
Update to version 0.10.0:
- bridge: correct command used to create a new bridge (9942337b)
- web: simplify header navigation (7e95b169)
- webui: remark upgrade + gfm + syntax highlighting (6ee47b96)
- BREAKING CHANGE: dev-infra: remove gokart (89b880bd)
Update to version 0.10.0:
- bridge: correct command used to create a new bridge (9942337b)
- web: simplify header navigation (7e95b169)
- web: remark upgrade + gfm + syntax highlighting (6ee47b96)
Update to version 0.9.0:
- completion: remove errata from string literal (aa102c91)
- tui: improve readability of the help bar (23be684a)
Update to version 0.8.1+git.1746484874.96c7a111:
* docs: update install, contrib, and usage documentation (#1222)
* fix: resolve the remote URI using url.*.insteadOf (#1394)
* build(deps): bump the go_modules group across 1 directory with 3 updates (#1376)
* chore: gofmt simplify gitlab/export_test.go (#1392)
* fix: checkout repo before setting up go environment (#1390)
* feat: bump to go v1.24.2 (#1389)
* chore: update golang.org/x/net (#1379)
* fix: use -0700 when formatting time (#1388)
* fix: use correct url for gitlab PATs (#1384)
* refactor: remove depdendency on pnpm for auto-label action (#1383)
* feat: add action: auto-label (#1380)
* feat: remove lifecycle/frozen (#1377)
* build(deps): bump the npm_and_yarn group across 1 directory with 12 updates (#1378)
* feat: support new exclusion label: lifecycle/pinned (#1375)
* fix: refactor how gitlab title changes are detected (#1370)
* revert: "Create Dependabot config file" (#1374)
* refactor: rename //:git-bug.go to //:main.go (#1373)
* build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.16 to 2.5.25 (#1361)
* fix: set GitLastTag to an empty string when git-describe errors (#1355)
* chore: update go-git to v5@masterupdate_mods (#1284)
* refactor: Directly swap two variables to optimize code (#1272)
* Update README.md Matrix link to new room (#1275)
- Update to version 0.8.0+git.1742269202.0ab94c9:
* deps(crypto): bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337) (#1312)
- Update golang.org/x/crypto/ssh to v0.35.0 (bsc#1239494,
CVE-2025-22869).
- Add missing Requires to completion subpackages.
Update to version 0.8.0+git.1733745604.d499b6e:
* fix typos in docs (#1266)
* build(deps): bump github.com/go-git/go-billy/v5 from 5.5.0 to 5.6.0 (#1289)
- bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337, bsc#1234565).
Patchnames
openSUSE-Leap-16.0-packagehub-46
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for git-bug",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for git-bug fixes the following issues:\n\nChanges in git-bug:\n\n- Revendor to include fixed version of depending libraries:\n - GO-2025-4116 (CVE-2025-47913, bsc#1253506) upgrade\n golang.org/x/crypto to v0.43.0\n - GO-2025-3900 (GHSA-2464-8j7c-4cjm) upgrade\n github.com/go-viper/mapstructure/v2 to v2.4.0\n - GO-2025-3787 (GHSA-fv92-fjc5-jj9h) included in the previous\n - GO-2025-3754 (GHSA-2x5j-vhc8-9cwm) upgrade\n github.com/cloudflare/circl to v1.6.1\n - GO-2025-4134 (CVE-2025-58181, bsc#1253930) upgrade\n golang.org/x/crypto/ssh to v0.45.0\n - GO-2025-4135 (CVE-2025-47914, bsc#1254084) upgrade\n golang.org/x/crypto/ssh/agent to v0.45.0\n\n- Revendor to include golang.org/x/net/html v 0.45.0 to prevent\n possible DoS by various algorithms with quadratic complexity\n when parsing HTML documents (bsc#1251463, CVE-2025-47911 and\n bsc#1251664, CVE-2025-58190).\n\nUpdate to version 0.10.1:\n\n - cli: ignore missing sections when removing configuration (ddb22a2f)\n\nUpdate to version 0.10.0:\n\n - bridge: correct command used to create a new bridge (9942337b)\n - web: simplify header navigation (7e95b169)\n - webui: remark upgrade + gfm + syntax highlighting (6ee47b96)\n - BREAKING CHANGE: dev-infra: remove gokart (89b880bd)\n\nUpdate to version 0.10.0:\n\n - bridge: correct command used to create a new bridge (9942337b)\n - web: simplify header navigation (7e95b169)\n - web: remark upgrade + gfm + syntax highlighting (6ee47b96)\n\nUpdate to version 0.9.0:\n\n - completion: remove errata from string literal (aa102c91)\n - tui: improve readability of the help bar (23be684a)\n\nUpdate to version 0.8.1+git.1746484874.96c7a111:\n\n * docs: update install, contrib, and usage documentation (#1222)\n * fix: resolve the remote URI using url.*.insteadOf (#1394)\n * build(deps): bump the go_modules group across 1 directory with 3 updates (#1376)\n * chore: gofmt simplify gitlab/export_test.go (#1392)\n * fix: checkout repo before setting up go environment (#1390)\n * feat: bump to go v1.24.2 (#1389)\n * chore: update golang.org/x/net (#1379)\n * fix: use -0700 when formatting time (#1388)\n * fix: use correct url for gitlab PATs (#1384)\n * refactor: remove depdendency on pnpm for auto-label action (#1383)\n * feat: add action: auto-label (#1380)\n * feat: remove lifecycle/frozen (#1377)\n * build(deps): bump the npm_and_yarn group across 1 directory with 12 updates (#1378)\n * feat: support new exclusion label: lifecycle/pinned (#1375)\n * fix: refactor how gitlab title changes are detected (#1370)\n * revert: \"Create Dependabot config file\" (#1374)\n * refactor: rename //:git-bug.go to //:main.go (#1373)\n * build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.16 to 2.5.25 (#1361)\n * fix: set GitLastTag to an empty string when git-describe errors (#1355)\n * chore: update go-git to v5@masterupdate_mods (#1284)\n * refactor: Directly swap two variables to optimize code (#1272)\n * Update README.md Matrix link to new room (#1275)\n\n- Update to version 0.8.0+git.1742269202.0ab94c9:\n * deps(crypto): bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337) (#1312)\n\n- Update golang.org/x/crypto/ssh to v0.35.0 (bsc#1239494,\n CVE-2025-22869).\n\n- Add missing Requires to completion subpackages.\n\nUpdate to version 0.8.0+git.1733745604.d499b6e:\n\n * fix typos in docs (#1266)\n * build(deps): bump github.com/go-git/go-billy/v5 from 5.5.0 to 5.6.0 (#1289)\n\n- bump golang.org/x/crypto from v0.26.0 to v0.31.0 (fix for CVE-2024-45337, bsc#1234565).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-46",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_20143-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1234565",
"url": "https://bugzilla.suse.com/1234565"
},
{
"category": "self",
"summary": "SUSE Bug 1239494",
"url": "https://bugzilla.suse.com/1239494"
},
{
"category": "self",
"summary": "SUSE Bug 1251463",
"url": "https://bugzilla.suse.com/1251463"
},
{
"category": "self",
"summary": "SUSE Bug 1251664",
"url": "https://bugzilla.suse.com/1251664"
},
{
"category": "self",
"summary": "SUSE Bug 1253506",
"url": "https://bugzilla.suse.com/1253506"
},
{
"category": "self",
"summary": "SUSE Bug 1253930",
"url": "https://bugzilla.suse.com/1253930"
},
{
"category": "self",
"summary": "SUSE Bug 1254084",
"url": "https://bugzilla.suse.com/1254084"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for git-bug",
"tracking": {
"current_release_date": "2025-12-04T13:08:26Z",
"generator": {
"date": "2025-12-04T13:08:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:20143-1",
"initial_release_date": "2025-12-04T13:08:26Z",
"revision_history": [
{
"date": "2025-12-04T13:08:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.aarch64",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.aarch64",
"product_id": "git-bug-0.10.1-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"product": {
"name": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"product_id": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch"
}
},
{
"category": "product_version",
"name": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"product": {
"name": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"product_id": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch"
}
},
{
"category": "product_version",
"name": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch",
"product": {
"name": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch",
"product_id": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.ppc64le",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.ppc64le",
"product_id": "git-bug-0.10.1-bp160.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.s390x",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.s390x",
"product_id": "git-bug-0.10.1-bp160.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "git-bug-0.10.1-bp160.1.1.x86_64",
"product": {
"name": "git-bug-0.10.1-bp160.1.1.x86_64",
"product_id": "git-bug-0.10.1-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-0.10.1-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64"
},
"product_reference": "git-bug-0.10.1-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch"
},
"product_reference": "git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch"
},
"product_reference": "git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
},
"product_reference": "git-bug-zsh-completion-0.10.1-bp160.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:git-bug-0.10.1-bp160.1.1.x86_64",
"openSUSE Leap 16.0:git-bug-bash-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-fish-completion-0.10.1-bp160.1.1.noarch",
"openSUSE Leap 16.0:git-bug-zsh-completion-0.10.1-bp160.1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T13:08:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2026:20105-1
Vulnerability from csaf_opensuse - Published: 2026-01-23 10:02 - Updated: 2026-01-23 10:02Summary
Security update for sbctl
Notes
Title of the patch
Security update for sbctl
Description of the patch
This update for sbctl fixes the following issues:
Changes in sbctl:
- Upgrade the embedded golang.org/x/net to 0.46.0
* Fixes: bsc#1251399, CVE-2025-47911: various algorithms with
quadratic complexity when parsing HTML documents
* Fixes: bsc#1251609, CVE-2025-58190: excessive memory consumption
by 'html.ParseFragment' when processing specially crafted input
- Update to version 0.18:
* logging: fixup new go vet warning
* workflows: add cc for cross compile
* workflow: add sudo to apt
* workflow: add pcsclite to ci
* workflow: try enable cgo
* go.mod: update golang.org/x/ dependencies
* fix: avoid adding bogus Country attribute to subject DNs
* sbctl: only store file if we did actually sign the file
* installkernel: add post install hook for Debian's traditional installkernel
* CI: missing libpcsclite pkg
* workflows: add missing depends and new pattern keyword
* Add yubikey example for create keys to the README
* Initial yubikey backend keytype support
* verify: ensure we pass args in correct order
- bsc#1248949 (CVE-2025-58058):
Bump xz to 0.5.14
- Update to version 0.17:
* Ensure we don't wrongly compare input/output files when signing
* Added --json supprt to sbctl verify
* Ensure sbctl setup with no arguments returns a helpful output
* Import latest Microsoft keys for KEK and db databases
* Ensure we print the path of the file when encountering an invalid PE file
* Misc fixups in tests
* Misc typo fixes in prints
- Update to version 0.16:
* Ensure sbctl reads --config even if /etc/sbctl/sbctl.conf is
present
* Fixed a bug where sbctl would abort if the TPM eventlog
contains the same byte multiple times
* Fixed a landlock bug where enroll-keys --export did not work
* Fixed a bug where an ESP mounted to multiple paths would not be
detected
* Exporting keys without efivars present work again
* sbctl sign will now use the saved output path if the signed
file is enrolled
* enroll-keys --append will now work without --force.
- Updates from version 0.15.4:
* Fixed an issue where sign-all did not report a non-zero exit
code when something failed
* Fixed and issue where we couldn't write to a file with landlock
* Fixed an issue where --json would print the human readable
output and the json
* Fixes landlock for UKI/bundles by disabling the sandbox feature
* Some doc fixups that mentioned /usr/share/
Patchnames
openSUSE-Leap-16.0-packagehub-93
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for sbctl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for sbctl fixes the following issues:\n\nChanges in sbctl:\n\n- Upgrade the embedded golang.org/x/net to 0.46.0\n * Fixes: bsc#1251399, CVE-2025-47911: various algorithms with\n quadratic complexity when parsing HTML documents\n * Fixes: bsc#1251609, CVE-2025-58190: excessive memory consumption\n by \u0027html.ParseFragment\u0027 when processing specially crafted input\n\n- Update to version 0.18:\n * logging: fixup new go vet warning\n * workflows: add cc for cross compile\n * workflow: add sudo to apt\n * workflow: add pcsclite to ci\n * workflow: try enable cgo\n * go.mod: update golang.org/x/ dependencies\n * fix: avoid adding bogus Country attribute to subject DNs\n * sbctl: only store file if we did actually sign the file\n * installkernel: add post install hook for Debian\u0027s traditional installkernel\n * CI: missing libpcsclite pkg\n * workflows: add missing depends and new pattern keyword\n * Add yubikey example for create keys to the README\n * Initial yubikey backend keytype support\n * verify: ensure we pass args in correct order\n\n- bsc#1248949 (CVE-2025-58058):\n Bump xz to 0.5.14\n\n- Update to version 0.17:\n * Ensure we don\u0027t wrongly compare input/output files when signing\n * Added --json supprt to sbctl verify\n * Ensure sbctl setup with no arguments returns a helpful output\n * Import latest Microsoft keys for KEK and db databases\n * Ensure we print the path of the file when encountering an invalid PE file\n * Misc fixups in tests\n * Misc typo fixes in prints\n\n- Update to version 0.16:\n * Ensure sbctl reads --config even if /etc/sbctl/sbctl.conf is\n present\n * Fixed a bug where sbctl would abort if the TPM eventlog\n contains the same byte multiple times\n * Fixed a landlock bug where enroll-keys --export did not work\n * Fixed a bug where an ESP mounted to multiple paths would not be\n detected\n * Exporting keys without efivars present work again\n * sbctl sign will now use the saved output path if the signed\n file is enrolled\n * enroll-keys --append will now work without --force.\n- Updates from version 0.15.4:\n * Fixed an issue where sign-all did not report a non-zero exit\n code when something failed\n * Fixed and issue where we couldn\u0027t write to a file with landlock\n * Fixed an issue where --json would print the human readable\n output and the json\n * Fixes landlock for UKI/bundles by disabling the sandbox feature\n * Some doc fixups that mentioned /usr/share/\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-93",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20105-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1248949",
"url": "https://bugzilla.suse.com/1248949"
},
{
"category": "self",
"summary": "SUSE Bug 1251399",
"url": "https://bugzilla.suse.com/1251399"
},
{
"category": "self",
"summary": "SUSE Bug 1251609",
"url": "https://bugzilla.suse.com/1251609"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for sbctl",
"tracking": {
"current_release_date": "2026-01-23T10:02:42Z",
"generator": {
"date": "2026-01-23T10:02:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20105-1",
"initial_release_date": "2026-01-23T10:02:42Z",
"revision_history": [
{
"date": "2026-01-23T10:02:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sbctl-0.18-bp160.1.1.aarch64",
"product": {
"name": "sbctl-0.18-bp160.1.1.aarch64",
"product_id": "sbctl-0.18-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "sbctl-0.18-bp160.1.1.x86_64",
"product": {
"name": "sbctl-0.18-bp160.1.1.x86_64",
"product_id": "sbctl-0.18-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sbctl-0.18-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64"
},
"product_reference": "sbctl-0.18-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sbctl-0.18-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
},
"product_reference": "sbctl-0.18-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-23T10:02:42Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58058"
}
],
"notes": [
{
"category": "general",
"text": "xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn\u0027t include a magic number or has a checksum to detect such an issue according to the specification. Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done. This issue has been patched in version 0.5.14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58058",
"url": "https://www.suse.com/security/cve/CVE-2025-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1248889 for CVE-2025-58058",
"url": "https://bugzilla.suse.com/1248889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-23T10:02:42Z",
"details": "moderate"
}
],
"title": "CVE-2025-58058"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.aarch64",
"openSUSE Leap 16.0:sbctl-0.18-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-23T10:02:42Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15854-1
Vulnerability from csaf_opensuse - Published: 2025-12-31 00:00 - Updated: 2025-12-31 00:00Summary
kepler-0.11.3-1.1 on GA media
Notes
Title of the patch
kepler-0.11.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the kepler-0.11.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15854
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kepler-0.11.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kepler-0.11.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15854",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15854-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "kepler-0.11.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-12-31T00:00:00Z",
"generator": {
"date": "2025-12-31T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15854-1",
"initial_release_date": "2025-12-31T00:00:00Z",
"revision_history": [
{
"date": "2025-12-31T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kepler-0.11.3-1.1.aarch64",
"product": {
"name": "kepler-0.11.3-1.1.aarch64",
"product_id": "kepler-0.11.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kepler-0.11.3-1.1.ppc64le",
"product": {
"name": "kepler-0.11.3-1.1.ppc64le",
"product_id": "kepler-0.11.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kepler-0.11.3-1.1.s390x",
"product": {
"name": "kepler-0.11.3-1.1.s390x",
"product_id": "kepler-0.11.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kepler-0.11.3-1.1.x86_64",
"product": {
"name": "kepler-0.11.3-1.1.x86_64",
"product_id": "kepler-0.11.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kepler-0.11.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64"
},
"product_reference": "kepler-0.11.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kepler-0.11.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le"
},
"product_reference": "kepler-0.11.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kepler-0.11.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x"
},
"product_reference": "kepler-0.11.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kepler-0.11.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
},
"product_reference": "kepler-0.11.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-31T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kepler-0.11.3-1.1.aarch64",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.ppc64le",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.s390x",
"openSUSE Tumbleweed:kepler-0.11.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-31T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:20160-1
Vulnerability from csaf_opensuse - Published: 2025-12-12 13:20 - Updated: 2025-12-12 13:20Summary
Security update for hauler
Notes
Title of the patch
Security update for hauler
Description of the patch
This update for hauler fixes the following issues:
- Update to version 1.3.1 (bsc#1251516, CVE-2025-47911,
bsc#1251891, CVE-2025-11579, bsc#1251651, CVE-2025-58190,
bsc#1248937, CVE-2025-58058):
* bump github.com/containerd/containerd (#474)
* another fix to tests for new tests (#472)
* fixed typo in testdata (#471)
* fixed/cleaned new tests (#470)
* trying a new way for hauler testing (#467)
* update for cosign v3 verify (#469)
* added digests view to info (#465)
* bump github.com/nwaples/rardecode/v2 from 2.1.1 to 2.2.0 in the go_modules group across 1 directory (#457)
* update oras-go to v1.2.7 for security patches (#464)
* update cosign to v3.0.2+hauler.1 (#463)
* fixed homebrew directory deprecation (#462)
* add registry logout command (#460)
- Update to version 1.3.0:
* bump the go_modules group across 1 directory with 2 updates (#455)
* upgraded versions/dependencies/deprecations (#454)
* allow loading of docker tarballs (#452)
* bump the go_modules group across 1 directory with 2 updates (#449)
- update to 1.2.5 (bsc#1246722, CVE-2025-46569):
* Bump github.com/open-policy-agent/opa from 1.1.0 to 1.4.0 in
the go_modules group across 1 directory (CVE-2025-46569)
* deprecate auth from hauler store copy
* Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 in the
go_modules group across 1 directory
* Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0
in the go_modules group across 1 directory
* upgraded go and dependencies versions
- Update to version 1.2.5:
* upgraded go and dependencies versions (#444)
* Bump github.com/go-viper/mapstructure/v2 (#442)
* bump github.com/cloudflare/circl (#441)
* deprecate auth from hauler store copy (#440)
* Bump github.com/open-policy-agent/opa (#438)
- update to 1.2.4 (CVE-2025-22872, bsc#1241804):
* Bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules
group across 1 directory
* minor tests updates
- Update to version 1.2.3:
* formatting and flag text updates
* add keyless signature verification (#434)
* bump helm.sh/helm/v3 in the go_modules group across 1 directory (#430)
* add --only flag to hauler store copy (for images) (#429)
* fix tlog verification error/warning output (#428)
- Update to version 1.2.2 (bsc#1241184, CVE-2024-0406):
* cleanup new tlog flag typos and add shorthand (#426)
* default public transparency log verification to false to be airgap friendly but allow override (#425)
* bump github.com/golang-jwt/jwt/v4 (#423)
* bump the go_modules group across 1 directory with 2 updates (#422)
* bump github.com/go-jose/go-jose/v3 (#417)
* bump github.com/go-jose/go-jose/v4 (#415)
* clear default manifest name if product flag used with sync (#412)
* updates for v1.2.0 (#408)
* fixed remote code (#407)
* added remote file fetch to load (#406)
* added remote and multiple file fetch to sync (#405)
* updated save flag and related logs (#404)
* updated load flag and related logs [breaking change] (#403)
* updated sync flag and related logs [breaking change] (#402)
* upgraded api update to v1/updated dependencies (#400)
* fixed consts for oci declarations (#398)
* fix for correctly grabbing platform post cosign 2.4 updates (#393)
* use cosign v2.4.1+carbide.2 to address containerd annotation in index.json (#390)
* Bump the go_modules group across 1 directory with 2 updates (#385)
* replace mholt/archiver with mholt/archives (#384)
* forked cosign bump to 2.4.1 and use as a library vs embedded binary (#383)
* cleaned up registry and improved logging (#378)
* Bump golang.org/x/crypto in the go_modules group across 1 directory (#377)
- bump net/html dependencies (bsc#1235332, CVE-2024-45338)
- Update to version 1.1.1:
* fixed cli desc for store env var (#374)
* updated versions for go/k8s/helm (#373)
* updated version flag to internal/flags (#369)
* renamed incorrectly named consts (#371)
* added store env var (#370)
* adding ignore errors and retries for continue on error/fail on error (#368)
* updated/fixed hauler directory (#354)
* standardize consts (#353)
* removed cachedir code (#355)
* removed k3s code (#352)
* updated dependencies for go, helm, and k8s (#351)
* [feature] build with boring crypto where available (#344)
* updated workflow to goreleaser builds (#341)
* added timeout to goreleaser workflow (#340)
* trying new workflow build processes (#337)
* improved workflow performance (#336)
* have extract use proper ref (#335)
* yet another workflow goreleaser fix (#334)
* even more workflow fixes (#333)
* added more fixes to github workflow (#332)
* fixed typo in hauler store save (#331)
* updates to fix build processes (#330)
* added integration tests for non hauler tarballs (#325)
* bump: golang >= 1.23.1 (#328)
* add platform flag to store save (#329)
* Update feature_request.md
* updated/standardize command descriptions (#313)
* use new annotation for 'store save' manifest.json (#324)
* enable docker load for hauler tarballs (#320)
* bump to cosign v2.2.3-carbide.3 for new annotation (#322)
* continue on error when adding images to store (#317)
* Update README.md (#318)
* fixed completion commands (#312)
* github.com/rancherfederal/hauler => hauler.dev/go/hauler (#311)
* pages: enable go install hauler.dev/go/hauler (#310)
* Create CNAME
* pages: initial workflow (#309)
* testing and linting updates (#305)
* feat-273: TLS Flags (#303)
* added list-repos flag (#298)
* fixed hauler login typo (#299)
* updated cobra function for shell completion (#304)
* updated install.sh to remove github api (#293)
* fix image ref keys getting squashed when containing sigs/atts (#291)
* fix missing versin info in release build (#283)
* bump github.com/docker/docker in the go_modules group across 1 directory (#281)
* updated install script (`install.sh`) (#280)
* fix digest images being lost on load of hauls (Signed). (#259)
* feat: add readonly flag (#277)
* fixed makefile for goreleaser v2 changes (#278)
* updated goreleaser versioning defaults (#279)
* update feature_request.md (#274)
* updated old references
* updated actions workflow user
* added dockerhub to github actions workflow
* removed helm chart
* added debug container and workflow
* updated products flag description
* updated chart for release
* fixed workflow errors/warnings
* fixed permissions on testdata
* updated chart versions (will need to update again)
* last bit of fixes to workflow
* updated unit test workflow
* updated goreleaser deprecations
* added helm chart release job
* updated github template names
* updated imports (and go fmt)
* formatted gitignore to match dockerignore
* formatted all code (go fmt)
* updated chart tests for new features
* Adding the timeout flag for fileserver command
* Configure chart commands to use helm clients for OCI and private registry support
* Added some documentation text to sync command
* Bump golang.org/x/net from 0.17.0 to 0.23.0
* fix for dup digest smashing in cosign
* removed vagrant scripts
* last bit of updates and formatting of chart
* updated hauler testdata
* adding functionality and cleaning up
* added initial helm chart
* removed tag in release workflow
* updated/fixed image ref in release workflow
* updated/fixed platforms in release workflow
* updated/cleaned github actions (#222)
* Make Product Registry configurable (#194)
* updated fileserver directory name (#219)
* fix logging for files
* add extra info for the tempdir override flag
* tempdir override flag for load
* deprecate the cache flag instead of remove
* switch to using bci-golang as builder image
* fix: ensure /tmp for hauler store load
* added the copy back for now
* remove copy at the image sync not needed with cosign update
* removed misleading cache flag
* better logging when adding to store
* update to v2.2.3 of our cosign fork
* add: dockerignore
* add: Dockerfile
* Bump google.golang.org/protobuf from 1.31.0 to 1.33.0
* Bump github.com/docker/docker
* updated and added new logos
* updated github files
Patchnames
openSUSE-Leap-16.0-packagehub-54
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for hauler",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for hauler fixes the following issues:\n\n- Update to version 1.3.1 (bsc#1251516, CVE-2025-47911,\n bsc#1251891, CVE-2025-11579, bsc#1251651, CVE-2025-58190,\n bsc#1248937, CVE-2025-58058):\n * bump github.com/containerd/containerd (#474)\n * another fix to tests for new tests (#472)\n * fixed typo in testdata (#471)\n * fixed/cleaned new tests (#470)\n * trying a new way for hauler testing (#467)\n * update for cosign v3 verify (#469)\n * added digests view to info (#465)\n * bump github.com/nwaples/rardecode/v2 from 2.1.1 to 2.2.0 in the go_modules group across 1 directory (#457)\n * update oras-go to v1.2.7 for security patches (#464)\n * update cosign to v3.0.2+hauler.1 (#463)\n * fixed homebrew directory deprecation (#462)\n * add registry logout command (#460)\n\n- Update to version 1.3.0:\n * bump the go_modules group across 1 directory with 2 updates (#455)\n * upgraded versions/dependencies/deprecations (#454)\n * allow loading of docker tarballs (#452)\n * bump the go_modules group across 1 directory with 2 updates (#449)\n\n- update to 1.2.5 (bsc#1246722, CVE-2025-46569):\n * Bump github.com/open-policy-agent/opa from 1.1.0 to 1.4.0 in\n the go_modules group across 1 directory (CVE-2025-46569)\n * deprecate auth from hauler store copy\n * Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 in the\n go_modules group across 1 directory\n * Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0\n in the go_modules group across 1 directory\n * upgraded go and dependencies versions\n\n- Update to version 1.2.5:\n * upgraded go and dependencies versions (#444)\n * Bump github.com/go-viper/mapstructure/v2 (#442)\n * bump github.com/cloudflare/circl (#441)\n * deprecate auth from hauler store copy (#440)\n * Bump github.com/open-policy-agent/opa (#438)\n\n- update to 1.2.4 (CVE-2025-22872, bsc#1241804):\n * Bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules\n group across 1 directory\n * minor tests updates\n\n- Update to version 1.2.3:\n * formatting and flag text updates\n * add keyless signature verification (#434)\n * bump helm.sh/helm/v3 in the go_modules group across 1 directory (#430)\n * add --only flag to hauler store copy (for images) (#429)\n * fix tlog verification error/warning output (#428)\n\n- Update to version 1.2.2 (bsc#1241184, CVE-2024-0406):\n * cleanup new tlog flag typos and add shorthand (#426)\n * default public transparency log verification to false to be airgap friendly but allow override (#425)\n * bump github.com/golang-jwt/jwt/v4 (#423)\n * bump the go_modules group across 1 directory with 2 updates (#422)\n * bump github.com/go-jose/go-jose/v3 (#417)\n * bump github.com/go-jose/go-jose/v4 (#415)\n * clear default manifest name if product flag used with sync (#412)\n * updates for v1.2.0 (#408)\n * fixed remote code (#407)\n * added remote file fetch to load (#406)\n * added remote and multiple file fetch to sync (#405)\n * updated save flag and related logs (#404)\n * updated load flag and related logs [breaking change] (#403)\n * updated sync flag and related logs [breaking change] (#402)\n * upgraded api update to v1/updated dependencies (#400)\n * fixed consts for oci declarations (#398)\n * fix for correctly grabbing platform post cosign 2.4 updates (#393)\n * use cosign v2.4.1+carbide.2 to address containerd annotation in index.json (#390)\n * Bump the go_modules group across 1 directory with 2 updates (#385)\n * replace mholt/archiver with mholt/archives (#384)\n * forked cosign bump to 2.4.1 and use as a library vs embedded binary (#383)\n * cleaned up registry and improved logging (#378)\n * Bump golang.org/x/crypto in the go_modules group across 1 directory (#377)\n- bump net/html dependencies (bsc#1235332, CVE-2024-45338)\n\n- Update to version 1.1.1:\n * fixed cli desc for store env var (#374)\n * updated versions for go/k8s/helm (#373)\n * updated version flag to internal/flags (#369)\n * renamed incorrectly named consts (#371)\n * added store env var (#370)\n * adding ignore errors and retries for continue on error/fail on error (#368)\n * updated/fixed hauler directory (#354)\n * standardize consts (#353)\n * removed cachedir code (#355)\n * removed k3s code (#352)\n * updated dependencies for go, helm, and k8s (#351)\n * [feature] build with boring crypto where available (#344)\n * updated workflow to goreleaser builds (#341)\n * added timeout to goreleaser workflow (#340)\n * trying new workflow build processes (#337)\n * improved workflow performance (#336)\n * have extract use proper ref (#335)\n * yet another workflow goreleaser fix (#334)\n * even more workflow fixes (#333)\n * added more fixes to github workflow (#332)\n * fixed typo in hauler store save (#331)\n * updates to fix build processes (#330)\n * added integration tests for non hauler tarballs (#325)\n * bump: golang \u003e= 1.23.1 (#328)\n * add platform flag to store save (#329)\n * Update feature_request.md\n * updated/standardize command descriptions (#313)\n * use new annotation for \u0027store save\u0027 manifest.json (#324)\n * enable docker load for hauler tarballs (#320)\n * bump to cosign v2.2.3-carbide.3 for new annotation (#322)\n * continue on error when adding images to store (#317)\n * Update README.md (#318)\n * fixed completion commands (#312)\n * github.com/rancherfederal/hauler =\u003e hauler.dev/go/hauler (#311)\n * pages: enable go install hauler.dev/go/hauler (#310)\n * Create CNAME\n * pages: initial workflow (#309)\n * testing and linting updates (#305)\n * feat-273: TLS Flags (#303)\n * added list-repos flag (#298)\n * fixed hauler login typo (#299)\n * updated cobra function for shell completion (#304)\n * updated install.sh to remove github api (#293)\n * fix image ref keys getting squashed when containing sigs/atts (#291)\n * fix missing versin info in release build (#283)\n * bump github.com/docker/docker in the go_modules group across 1 directory (#281)\n * updated install script (`install.sh`) (#280)\n * fix digest images being lost on load of hauls (Signed). (#259)\n * feat: add readonly flag (#277)\n * fixed makefile for goreleaser v2 changes (#278)\n * updated goreleaser versioning defaults (#279)\n * update feature_request.md (#274)\n * updated old references\n * updated actions workflow user\n * added dockerhub to github actions workflow\n * removed helm chart\n * added debug container and workflow\n * updated products flag description\n * updated chart for release\n * fixed workflow errors/warnings\n * fixed permissions on testdata\n * updated chart versions (will need to update again)\n * last bit of fixes to workflow\n * updated unit test workflow\n * updated goreleaser deprecations\n * added helm chart release job\n * updated github template names\n * updated imports (and go fmt)\n * formatted gitignore to match dockerignore\n * formatted all code (go fmt)\n * updated chart tests for new features\n * Adding the timeout flag for fileserver command\n * Configure chart commands to use helm clients for OCI and private registry support\n * Added some documentation text to sync command\n * Bump golang.org/x/net from 0.17.0 to 0.23.0\n * fix for dup digest smashing in cosign\n * removed vagrant scripts\n * last bit of updates and formatting of chart\n * updated hauler testdata\n * adding functionality and cleaning up\n * added initial helm chart\n * removed tag in release workflow\n * updated/fixed image ref in release workflow\n * updated/fixed platforms in release workflow\n * updated/cleaned github actions (#222)\n * Make Product Registry configurable (#194)\n * updated fileserver directory name (#219)\n * fix logging for files\n * add extra info for the tempdir override flag\n * tempdir override flag for load\n * deprecate the cache flag instead of remove\n * switch to using bci-golang as builder image\n * fix: ensure /tmp for hauler store load\n * added the copy back for now\n * remove copy at the image sync not needed with cosign update\n * removed misleading cache flag\n * better logging when adding to store\n * update to v2.2.3 of our cosign fork\n * add: dockerignore\n * add: Dockerfile\n * Bump google.golang.org/protobuf from 1.31.0 to 1.33.0\n * Bump github.com/docker/docker\n * updated and added new logos\n * updated github files\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-54",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_20160-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1235332",
"url": "https://bugzilla.suse.com/1235332"
},
{
"category": "self",
"summary": "SUSE Bug 1241184",
"url": "https://bugzilla.suse.com/1241184"
},
{
"category": "self",
"summary": "SUSE Bug 1241804",
"url": "https://bugzilla.suse.com/1241804"
},
{
"category": "self",
"summary": "SUSE Bug 1246722",
"url": "https://bugzilla.suse.com/1246722"
},
{
"category": "self",
"summary": "SUSE Bug 1248937",
"url": "https://bugzilla.suse.com/1248937"
},
{
"category": "self",
"summary": "SUSE Bug 1251516",
"url": "https://bugzilla.suse.com/1251516"
},
{
"category": "self",
"summary": "SUSE Bug 1251651",
"url": "https://bugzilla.suse.com/1251651"
},
{
"category": "self",
"summary": "SUSE Bug 1251891",
"url": "https://bugzilla.suse.com/1251891"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0406 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11579 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-46569 page",
"url": "https://www.suse.com/security/cve/CVE-2025-46569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for hauler",
"tracking": {
"current_release_date": "2025-12-12T13:20:11Z",
"generator": {
"date": "2025-12-12T13:20:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:20160-1",
"initial_release_date": "2025-12-12T13:20:11Z",
"revision_history": [
{
"date": "2025-12-12T13:20:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.3.1-bp160.1.1.aarch64",
"product": {
"name": "hauler-1.3.1-bp160.1.1.aarch64",
"product_id": "hauler-1.3.1-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "hauler-1.3.1-bp160.1.1.x86_64",
"product": {
"name": "hauler-1.3.1-bp160.1.1.x86_64",
"product_id": "hauler-1.3.1-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.3.1-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64"
},
"product_reference": "hauler-1.3.1-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hauler-1.3.1-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
},
"product_reference": "hauler-1.3.1-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0406"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user\u0027s or application\u0027s privileges using the library.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0406",
"url": "https://www.suse.com/security/cve/CVE-2024-0406"
},
{
"category": "external",
"summary": "SUSE Bug 1241181 for CVE-2024-0406",
"url": "https://bugzilla.suse.com/1241181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "important"
}
],
"title": "CVE-2024-0406"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-11579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11579"
}
],
"notes": [
{
"category": "general",
"text": "github.com/nwaples/rardecode versions \u003c=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11579",
"url": "https://www.suse.com/security/cve/CVE-2025-11579"
},
{
"category": "external",
"summary": "SUSE Bug 1251871 for CVE-2025-11579",
"url": "https://bugzilla.suse.com/1251871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-11579"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-46569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-46569"
}
],
"notes": [
{
"category": "general",
"text": "Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a single data document reference is constructed from the requested path. This query is then used for policy evaluation. A HTTP request path can be crafted in a way that injects Rego code into the constructed query. The evaluation result cannot be made to return any other data than what is generated by the requested path, but this path can be misdirected, and the injected Rego code can be crafted to make the query succeed or fail; opening up for oracle attacks or, given the right circumstances, erroneous policy decision results. Furthermore, the injected code can be crafted to be computationally expensive, resulting in a Denial Of Service (DoS) attack. This issue has been patched in version 1.4.0. A workaround involves having network access to OPA\u0027s RESTful APIs being limited to `localhost` and/or trusted networks, unless necessary for production reasons.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-46569",
"url": "https://www.suse.com/security/cve/CVE-2025-46569"
},
{
"category": "external",
"summary": "SUSE Bug 1246710 for CVE-2025-46569",
"url": "https://bugzilla.suse.com/1246710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "important"
}
],
"title": "CVE-2025-46569"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58058"
}
],
"notes": [
{
"category": "general",
"text": "xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn\u0027t include a magic number or has a checksum to detect such an issue according to the specification. Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done. This issue has been patched in version 0.5.14.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58058",
"url": "https://www.suse.com/security/cve/CVE-2025-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1248889 for CVE-2025-58058",
"url": "https://bugzilla.suse.com/1248889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-58058"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:hauler-1.3.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T13:20:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2026:20058-1
Vulnerability from csaf_opensuse - Published: 2026-01-17 09:30 - Updated: 2026-01-17 09:30Summary
Security update for go-sendxmpp
Notes
Title of the patch
Security update for go-sendxmpp
Description of the patch
This update for go-sendxmpp fixes the following issues:
Changes in go-sendxmpp:
- Update to 0.15.1:
Added
* Add XEP-0359 Origin-ID to messages (requires go-xmpp >= v0.2.18).
Changed
* HTTP upload: Ignore timeouts on disco IQs as some components do
not reply.
- Upgrades the embedded golang.org/x/net to 0.46.0
* Fixes: bsc#1251461, CVE-2025-47911: various algorithms with
quadratic complexity when parsing HTML documents
* Fixes: bsc#1251677, CVE-2025-58190: excessive memory consumption
by 'html.ParseFragment' when processing specially crafted input
- Update to 0.15.0:
Added:
* Add flag --verbose to show debug information.
* Add flag --recipients to specify recipients by file.
* Add flag --retry-connect to try after a waiting time if the connection fails.
* Add flag --retry-connect-max to specify the amount of retry attempts.
* Add flag --legacy-pgp for using XEP-0027 PGP encryption with Ox keys.
* Add support for punycode domains.
Changed:
* Update gopenpgp library to v3.
* Improve error detection for MUC joins.
* Don't try to connect to other SRV record targets if error contains 'auth-failure'.
* Remove support for old SSDP version (via go-xmpp v0.2.15).
* Http-upload: Stop checking other disco items after finding upload component.
* Increase default TLS version to 1.3.
- bsc#1241814 (CVE-2025-22872): This update includes golang.org/x/net/html 0.43.0
- Update to 0.14.1:
* Use prettier date format for error messages.
* Update XEP-0474 to version 0.4.0 (requires go-xmpp >= 0.2.10).
- Update to 0.14.0:
Added:
* Add --fast-invalidate to allow invalidating the FAST token.
Changed:
* Don't create legacy Ox private key directory in ~/.local/share/go-sendxmpp/oxprivkeys.
* Delete legacy Ox private key directory if it's empty.
* Show proper error if saved FAST mechanism isn't usable with current TLS version (requires go-xmpp >= 0.2.9).
* Print debug output to stdout, not stderr (requires go-xmpp >= 0.2.9).
* Show RECV: and SEND: prefix for debug output (requires go-xmpp >= 0.2.9).
* Delete stored fast token if --fast-invalidate and --fast-off are set.
* Show error when FAST creds are stored but non-FAST mechanism is requested.
- Update to 0.13.0:
Added:
* Add --anonymous to support anonymous authentication (requires go-xmpp >= 0.2.8).
* Add XEP-0480: SASL Upgrade Tasks support (requires go-xmpp >= 0.2.8).
* Add support for see-other-host stream error (requires go-xmpp >= 0.2.8).
Changed:
* Don't automatically try other auth mechanisms if FAST authentication fails.
- Update to 0.12.1:
Changed:
* Print error instead of quitting if a message of type error is received.
* Allow upload of multiple files.
Added:
* Add flag --suppress-root-warning to suppress the warning when go-sendxmpp is used by the root user.
- Update to 0.12.0:
Added:
* Add possibility to look up direct TLS connection endpoint via hostmeta2 (requires xmppsrv >= 0.3.3).
* Add flag --allow-plain to allow PLAIN authentication (requires go-xmpp >= 0.2.5).
Changed:
* Disable PLAIN authentication per default.
* Disable PLAIN authentication after first use of a SCRAM auth mechanism (overrides --allow-plain) (requires
go-xmpp >= 0.2.5).
- Update to 0.11.4:
* Fix bug in SCRAM-SHA-256-PLUS (via go-xmpp >= 0.2.4).
- Update to 0.11.3:
* Add go-xmpp library version to --version output (requires go-xmpp >= 0.2.2).
* Fix XEP-0474: SASL SCRAM Downgrade Protection hash calculation bug (via go-xmpp >= v0.2.3).
* [gocritic]: Improve code quality.
Patchnames
openSUSE-Leap-16.0-packagehub-82
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go-sendxmpp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go-sendxmpp fixes the following issues:\n\nChanges in go-sendxmpp:\n\n- Update to 0.15.1:\n Added\n * Add XEP-0359 Origin-ID to messages (requires go-xmpp \u003e= v0.2.18).\n Changed\n * HTTP upload: Ignore timeouts on disco IQs as some components do\n not reply.\n- Upgrades the embedded golang.org/x/net to 0.46.0\n * Fixes: bsc#1251461, CVE-2025-47911: various algorithms with\n quadratic complexity when parsing HTML documents\n * Fixes: bsc#1251677, CVE-2025-58190: excessive memory consumption\n by \u0027html.ParseFragment\u0027 when processing specially crafted input\n\n- Update to 0.15.0:\n Added:\n * Add flag --verbose to show debug information.\n * Add flag --recipients to specify recipients by file.\n * Add flag --retry-connect to try after a waiting time if the connection fails.\n * Add flag --retry-connect-max to specify the amount of retry attempts.\n * Add flag --legacy-pgp for using XEP-0027 PGP encryption with Ox keys.\n * Add support for punycode domains.\n Changed:\n * Update gopenpgp library to v3.\n * Improve error detection for MUC joins.\n * Don\u0027t try to connect to other SRV record targets if error contains \u0027auth-failure\u0027.\n * Remove support for old SSDP version (via go-xmpp v0.2.15).\n * Http-upload: Stop checking other disco items after finding upload component.\n * Increase default TLS version to 1.3.\n- bsc#1241814 (CVE-2025-22872): This update includes golang.org/x/net/html 0.43.0\n\n- Update to 0.14.1:\n * Use prettier date format for error messages.\n * Update XEP-0474 to version 0.4.0 (requires go-xmpp \u003e= 0.2.10).\n\n- Update to 0.14.0:\n Added:\n * Add --fast-invalidate to allow invalidating the FAST token.\n Changed:\n * Don\u0027t create legacy Ox private key directory in ~/.local/share/go-sendxmpp/oxprivkeys.\n * Delete legacy Ox private key directory if it\u0027s empty.\n * Show proper error if saved FAST mechanism isn\u0027t usable with current TLS version (requires go-xmpp \u003e= 0.2.9).\n * Print debug output to stdout, not stderr (requires go-xmpp \u003e= 0.2.9).\n * Show RECV: and SEND: prefix for debug output (requires go-xmpp \u003e= 0.2.9).\n * Delete stored fast token if --fast-invalidate and --fast-off are set.\n * Show error when FAST creds are stored but non-FAST mechanism is requested.\n\n- Update to 0.13.0:\n Added:\n * Add --anonymous to support anonymous authentication (requires go-xmpp \u003e= 0.2.8).\n * Add XEP-0480: SASL Upgrade Tasks support (requires go-xmpp \u003e= 0.2.8).\n * Add support for see-other-host stream error (requires go-xmpp \u003e= 0.2.8).\n Changed:\n * Don\u0027t automatically try other auth mechanisms if FAST authentication fails.\n\n- Update to 0.12.1:\n Changed:\n * Print error instead of quitting if a message of type error is received.\n * Allow upload of multiple files.\n Added:\n * Add flag --suppress-root-warning to suppress the warning when go-sendxmpp is used by the root user.\n\n- Update to 0.12.0:\n Added:\n * Add possibility to look up direct TLS connection endpoint via hostmeta2 (requires xmppsrv \u003e= 0.3.3).\n * Add flag --allow-plain to allow PLAIN authentication (requires go-xmpp \u003e= 0.2.5).\n Changed:\n * Disable PLAIN authentication per default.\n * Disable PLAIN authentication after first use of a SCRAM auth mechanism (overrides --allow-plain) (requires\n go-xmpp \u003e= 0.2.5).\n\n- Update to 0.11.4:\n * Fix bug in SCRAM-SHA-256-PLUS (via go-xmpp \u003e= 0.2.4).\n\n- Update to 0.11.3:\n * Add go-xmpp library version to --version output (requires go-xmpp \u003e= 0.2.2).\n * Fix XEP-0474: SASL SCRAM Downgrade Protection hash calculation bug (via go-xmpp \u003e= v0.2.3).\n * [gocritic]: Improve code quality.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-82",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20058-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1241814",
"url": "https://bugzilla.suse.com/1241814"
},
{
"category": "self",
"summary": "SUSE Bug 1251461",
"url": "https://bugzilla.suse.com/1251461"
},
{
"category": "self",
"summary": "SUSE Bug 1251677",
"url": "https://bugzilla.suse.com/1251677"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for go-sendxmpp",
"tracking": {
"current_release_date": "2026-01-17T09:30:33Z",
"generator": {
"date": "2026-01-17T09:30:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20058-1",
"initial_release_date": "2026-01-17T09:30:33Z",
"revision_history": [
{
"date": "2026-01-17T09:30:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"product": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"product_id": "go-sendxmpp-0.15.1-bp160.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"product": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"product_id": "go-sendxmpp-0.15.1-bp160.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-bp160.1.1.s390x",
"product": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.s390x",
"product_id": "go-sendxmpp-0.15.1-bp160.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-sendxmpp-0.15.1-bp160.1.1.x86_64",
"product": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.x86_64",
"product_id": "go-sendxmpp-0.15.1-bp160.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64"
},
"product_reference": "go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le"
},
"product_reference": "go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x"
},
"product_reference": "go-sendxmpp-0.15.1-bp160.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-sendxmpp-0.15.1-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
},
"product_reference": "go-sendxmpp-0.15.1-bp160.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-17T09:30:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-17T09:30:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.aarch64",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.ppc64le",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.s390x",
"openSUSE Leap 16.0:go-sendxmpp-0.15.1-bp160.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-17T09:30:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15669-1
Vulnerability from csaf_opensuse - Published: 2025-10-27 00:00 - Updated: 2025-10-27 00:00Summary
grafana-11.6.7-1.1 on GA media
Notes
Title of the patch
grafana-11.6.7-1.1 on GA media
Description of the patch
These are all security issues fixed in the grafana-11.6.7-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15669
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "grafana-11.6.7-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the grafana-11.6.7-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15669",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15669-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "grafana-11.6.7-1.1 on GA media",
"tracking": {
"current_release_date": "2025-10-27T00:00:00Z",
"generator": {
"date": "2025-10-27T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15669-1",
"initial_release_date": "2025-10-27T00:00:00Z",
"revision_history": [
{
"date": "2025-10-27T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.7-1.1.aarch64",
"product": {
"name": "grafana-11.6.7-1.1.aarch64",
"product_id": "grafana-11.6.7-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.7-1.1.ppc64le",
"product": {
"name": "grafana-11.6.7-1.1.ppc64le",
"product_id": "grafana-11.6.7-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.7-1.1.s390x",
"product": {
"name": "grafana-11.6.7-1.1.s390x",
"product_id": "grafana-11.6.7-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.7-1.1.x86_64",
"product": {
"name": "grafana-11.6.7-1.1.x86_64",
"product_id": "grafana-11.6.7-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.7-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64"
},
"product_reference": "grafana-11.6.7-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.7-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le"
},
"product_reference": "grafana-11.6.7-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.7-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x"
},
"product_reference": "grafana-11.6.7-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.7-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
},
"product_reference": "grafana-11.6.7-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-27T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15779-1
Vulnerability from csaf_opensuse - Published: 2025-11-28 00:00 - Updated: 2025-11-28 00:00Summary
helm3-3.19.2-1.1 on GA media
Notes
Title of the patch
helm3-3.19.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the helm3-3.19.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15779
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "helm3-3.19.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the helm3-3.19.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15779",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15779-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16873 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16875 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21272 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1996 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23524 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23525 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23526 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36055 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25165 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25173 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25620 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45337 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "helm3-3.19.2-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-28T00:00:00Z",
"generator": {
"date": "2025-11-28T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15779-1",
"initial_release_date": "2025-11-28T00:00:00Z",
"revision_history": [
{
"date": "2025-11-28T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-3.19.2-1.1.aarch64",
"product_id": "helm3-3.19.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.aarch64",
"product_id": "helm3-bash-completion-3.19.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.aarch64",
"product_id": "helm3-fish-completion-3.19.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.aarch64",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.aarch64",
"product_id": "helm3-zsh-completion-3.19.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-3.19.2-1.1.ppc64le",
"product_id": "helm3-3.19.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.ppc64le",
"product_id": "helm3-bash-completion-3.19.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.ppc64le",
"product_id": "helm3-fish-completion-3.19.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
"product_id": "helm3-zsh-completion-3.19.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.s390x",
"product": {
"name": "helm3-3.19.2-1.1.s390x",
"product_id": "helm3-3.19.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.s390x",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.s390x",
"product_id": "helm3-bash-completion-3.19.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.s390x",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.s390x",
"product_id": "helm3-fish-completion-3.19.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.s390x",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.s390x",
"product_id": "helm3-zsh-completion-3.19.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm3-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-3.19.2-1.1.x86_64",
"product_id": "helm3-3.19.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm3-bash-completion-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-bash-completion-3.19.2-1.1.x86_64",
"product_id": "helm3-bash-completion-3.19.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm3-fish-completion-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-fish-completion-3.19.2-1.1.x86_64",
"product_id": "helm3-fish-completion-3.19.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "helm3-zsh-completion-3.19.2-1.1.x86_64",
"product": {
"name": "helm3-zsh-completion-3.19.2-1.1.x86_64",
"product_id": "helm3-zsh-completion-3.19.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x"
},
"product_reference": "helm3-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-bash-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-bash-completion-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-fish-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-fish-completion-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm3-zsh-completion-3.19.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
},
"product_reference": "helm3-zsh-completion-3.19.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16873"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\u0027s possible to arrange things so that a Git repository is cloned to a folder named \".git\" by using a vanity import path that ends with \"/.git\". If the Git repository root contains a \"HEAD\" file, a \"config\" file, an \"objects\" directory, a \"refs\" directory, with some work to ensure the proper ordering of operations, \"go get -u\" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the \"config\" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running \"go get -u\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16873",
"url": "https://www.suse.com/security/cve/CVE-2018-16873"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16873",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-16873"
},
{
"cve": "CVE-2018-16874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16874"
}
],
"notes": [
{
"category": "general",
"text": "In Go before 1.10.6 and 1.11.x before 1.11.3, the \"go get\" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \u0027{\u0027 and \u0027}\u0027 characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16874",
"url": "https://www.suse.com/security/cve/CVE-2018-16874"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16874",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16874"
},
{
"cve": "CVE-2018-16875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16875"
}
],
"notes": [
{
"category": "general",
"text": "The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16875",
"url": "https://www.suse.com/security/cve/CVE-2018-16875"
},
{
"category": "external",
"summary": "SUSE Bug 1118897 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118897"
},
{
"category": "external",
"summary": "SUSE Bug 1118898 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118898"
},
{
"category": "external",
"summary": "SUSE Bug 1118899 for CVE-2018-16875",
"url": "https://bugzilla.suse.com/1118899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16875"
},
{
"cve": "CVE-2021-21272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21272"
}
],
"notes": [
{
"category": "general",
"text": "ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a \"zip-slip\" vulnerability. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`. Users of the affected versions are impacted if they are `oras` CLI users who runs `oras pull`, or if they are Go programs, which invoke `github.com/deislabs/oras/pkg/content.FileStore`. The problem has been fixed in version 0.9.0. For `oras` CLI users, there is no workarounds other than pulling from a trusted artifact provider. For `oras` package users, the workaround is to not use `github.com/deislabs/oras/pkg/content.FileStore`, and use other content stores instead, or pull from a trusted artifact provider.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21272",
"url": "https://www.suse.com/security/cve/CVE-2021-21272"
},
{
"category": "external",
"summary": "SUSE Bug 1181419 for CVE-2021-21272",
"url": "https://bugzilla.suse.com/1181419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-21272"
},
{
"cve": "CVE-2022-1996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1996"
}
],
"notes": [
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1996",
"url": "https://www.suse.com/security/cve/CVE-2022-1996"
},
{
"category": "external",
"summary": "SUSE Bug 1200528 for CVE-2022-1996",
"url": "https://bugzilla.suse.com/1200528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-1996"
},
{
"cve": "CVE-2022-23524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23524"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the _strvals_ package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23524",
"url": "https://www.suse.com/security/cve/CVE-2022-23524"
},
{
"category": "external",
"summary": "SUSE Bug 1206467 for CVE-2022-23524",
"url": "https://bugzilla.suse.com/1206467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-23524"
},
{
"cve": "CVE-2022-23525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23525"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23525",
"url": "https://www.suse.com/security/cve/CVE-2022-23525"
},
{
"category": "external",
"summary": "SUSE Bug 1206469 for CVE-2022-23525",
"url": "https://bugzilla.suse.com/1206469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2022-23525"
},
{
"cve": "CVE-2022-23526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23526"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23526",
"url": "https://www.suse.com/security/cve/CVE-2022-23526"
},
{
"category": "external",
"summary": "SUSE Bug 1206471 for CVE-2022-23526",
"url": "https://bugzilla.suse.com/1206471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2022-23526"
},
{
"cve": "CVE-2022-36055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36055"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. Fuzz testing, provided by the CNCF, identified input to functions in the _strvals_ package that can cause an out of memory panic. The _strvals_ package contains a parser that turns strings in to Go structures. The _strvals_ package converts these strings into structures Go can work with. Some string inputs can cause array data structures to be created causing an out of memory panic. Applications that use the _strvals_ package in the Helm SDK to parse user supplied input can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with input to `--set`, `--set-string`, and other value setting flags that causes an out of memory panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been resolved in 3.9.4. SDK users can validate strings supplied by users won\u0027t create large arrays causing significant memory usage before passing them to the _strvals_ functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36055",
"url": "https://www.suse.com/security/cve/CVE-2022-36055"
},
{
"category": "external",
"summary": "SUSE Bug 1203054 for CVE-2022-36055",
"url": "https://bugzilla.suse.com/1203054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-36055"
},
{
"cve": "CVE-2023-25165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25165"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool that streamlines installing and managing Kubernetes applications.`getHostByName` is a Helm template function introduced in Helm v3. The function is able to accept a hostname and return an IP address for that hostname. To get the IP address the function performs a DNS lookup. The DNS lookup happens when used with `helm install|upgrade|template` or when the Helm SDK is used to render a chart. Information passed into the chart can be disclosed to the DNS servers used to lookup the IP address. For example, a malicious chart could inject `getHostByName` into a chart in order to disclose values to a malicious DNS server. The issue has been fixed in Helm 3.11.1. Prior to using a chart with Helm verify the `getHostByName` function is not being used in a template to disclose any information you do not want passed to DNS servers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25165",
"url": "https://www.suse.com/security/cve/CVE-2023-25165"
},
{
"category": "external",
"summary": "SUSE Bug 1208083 for CVE-2023-25165",
"url": "https://bugzilla.suse.com/1208083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-25165"
},
{
"cve": "CVE-2023-25173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25173"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. Downstream applications that use the containerd client library may be affected as well.\n\nThis bug has been fixed in containerd v1.6.18 and v.1.5.18. Users should update to these versions and recreate containers to resolve this issue. Users who rely on a downstream application that uses containerd\u0027s client library should check that application for a separate advisory and instructions. As a workaround, ensure that the `\"USER $USERNAME\"` Dockerfile instruction is not used. Instead, set the container entrypoint to a value similar to `ENTRYPOINT [\"su\", \"-\", \"user\"]` to allow `su` to properly set up supplementary groups.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25173",
"url": "https://www.suse.com/security/cve/CVE-2023-25173"
},
{
"category": "external",
"summary": "SUSE Bug 1208426 for CVE-2023-25173",
"url": "https://bugzilla.suse.com/1208426"
},
{
"category": "external",
"summary": "SUSE Bug 1215588 for CVE-2023-25173",
"url": "https://bugzilla.suse.com/1215588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-25173"
},
{
"cve": "CVE-2024-25620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25620"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25620",
"url": "https://www.suse.com/security/cve/CVE-2024-25620"
},
{
"category": "external",
"summary": "SUSE Bug 1219969 for CVE-2024-25620",
"url": "https://bugzilla.suse.com/1219969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-25620"
},
{
"cve": "CVE-2024-26147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26147"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all metadata a panic would occur in Helm. In the Helm SDK, this is found when using the `LoadIndexFile` or `DownloadIndexFile` functions in the `repo` package or the `LoadDir` function in the `plugin` package. For the Helm client this impacts functions around adding a repository and all Helm functions if a malicious plugin is added as Helm inspects all known plugins on each invocation. This issue has been resolved in Helm v3.14.2. If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem. If using Helm SDK versions prior to 3.14.2, calls to affected functions can use `recover` to catch the panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26147",
"url": "https://www.suse.com/security/cve/CVE-2024-26147"
},
{
"category": "external",
"summary": "SUSE Bug 1220207 for CVE-2024-26147",
"url": "https://bugzilla.suse.com/1220207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-26147"
},
{
"cve": "CVE-2024-45337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45337"
}
],
"notes": [
{
"category": "general",
"text": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45337",
"url": "https://www.suse.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "SUSE Bug 1234482 for CVE-2024-45337",
"url": "https://bugzilla.suse.com/1234482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-45337"
},
{
"cve": "CVE-2024-45338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45338"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45338",
"url": "https://www.suse.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "SUSE Bug 1234794 for CVE-2024-45338",
"url": "https://bugzilla.suse.com/1234794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-45338"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53547"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53547",
"url": "https://www.suse.com/security/cve/CVE-2025-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1246150 for CVE-2025-53547",
"url": "https://bugzilla.suse.com/1246150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:helm3-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-bash-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-fish-completion-3.19.2-1.1.x86_64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.aarch64",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.ppc64le",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.s390x",
"openSUSE Tumbleweed:helm3-zsh-completion-3.19.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2025:15852-1
Vulnerability from csaf_opensuse - Published: 2025-12-29 00:00 - Updated: 2025-12-29 00:00Summary
trivy-0.68.2-1.1 on GA media
Notes
Title of the patch
trivy-0.68.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the trivy-0.68.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15852
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "trivy-0.68.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the trivy-0.68.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15852",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15852-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "trivy-0.68.2-1.1 on GA media",
"tracking": {
"current_release_date": "2025-12-29T00:00:00Z",
"generator": {
"date": "2025-12-29T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15852-1",
"initial_release_date": "2025-12-29T00:00:00Z",
"revision_history": [
{
"date": "2025-12-29T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-1.1.aarch64",
"product": {
"name": "trivy-0.68.2-1.1.aarch64",
"product_id": "trivy-0.68.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-1.1.ppc64le",
"product": {
"name": "trivy-0.68.2-1.1.ppc64le",
"product_id": "trivy-0.68.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-1.1.s390x",
"product": {
"name": "trivy-0.68.2-1.1.s390x",
"product_id": "trivy-0.68.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.68.2-1.1.x86_64",
"product": {
"name": "trivy-0.68.2-1.1.x86_64",
"product_id": "trivy-0.68.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64"
},
"product_reference": "trivy-0.68.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le"
},
"product_reference": "trivy-0.68.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x"
},
"product_reference": "trivy-0.68.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.68.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
},
"product_reference": "trivy-0.68.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-29T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-29T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-29T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.68.2-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.68.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-29T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
OPENSUSE-SU-2026:10173-1
Vulnerability from csaf_opensuse - Published: 2026-02-11 00:00 - Updated: 2026-02-11 00:00Summary
apptainer-1.4.5-2.1 on GA media
Notes
Title of the patch
apptainer-1.4.5-2.1 on GA media
Description of the patch
These are all security issues fixed in the apptainer-1.4.5-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2026-10173
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apptainer-1.4.5-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apptainer-1.4.5-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10173",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10173-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "apptainer-1.4.5-2.1 on GA media",
"tracking": {
"current_release_date": "2026-02-11T00:00:00Z",
"generator": {
"date": "2026-02-11T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10173-1",
"initial_release_date": "2026-02-11T00:00:00Z",
"revision_history": [
{
"date": "2026-02-11T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-2.1.aarch64",
"product": {
"name": "apptainer-1.4.5-2.1.aarch64",
"product_id": "apptainer-1.4.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-2.1.aarch64",
"product": {
"name": "apptainer-leap-1.4.5-2.1.aarch64",
"product_id": "apptainer-leap-1.4.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-2.1.aarch64",
"product": {
"name": "apptainer-sle15_7-1.4.5-2.1.aarch64",
"product_id": "apptainer-sle15_7-1.4.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-2.1.aarch64",
"product": {
"name": "apptainer-sle16-1.4.5-2.1.aarch64",
"product_id": "apptainer-sle16-1.4.5-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-2.1.ppc64le",
"product": {
"name": "apptainer-1.4.5-2.1.ppc64le",
"product_id": "apptainer-1.4.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-2.1.ppc64le",
"product": {
"name": "apptainer-leap-1.4.5-2.1.ppc64le",
"product_id": "apptainer-leap-1.4.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-2.1.ppc64le",
"product": {
"name": "apptainer-sle15_7-1.4.5-2.1.ppc64le",
"product_id": "apptainer-sle15_7-1.4.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-2.1.ppc64le",
"product": {
"name": "apptainer-sle16-1.4.5-2.1.ppc64le",
"product_id": "apptainer-sle16-1.4.5-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-2.1.s390x",
"product": {
"name": "apptainer-1.4.5-2.1.s390x",
"product_id": "apptainer-1.4.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-2.1.s390x",
"product": {
"name": "apptainer-leap-1.4.5-2.1.s390x",
"product_id": "apptainer-leap-1.4.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-2.1.s390x",
"product": {
"name": "apptainer-sle15_7-1.4.5-2.1.s390x",
"product_id": "apptainer-sle15_7-1.4.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-2.1.s390x",
"product": {
"name": "apptainer-sle16-1.4.5-2.1.s390x",
"product_id": "apptainer-sle16-1.4.5-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-2.1.x86_64",
"product": {
"name": "apptainer-1.4.5-2.1.x86_64",
"product_id": "apptainer-1.4.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-2.1.x86_64",
"product": {
"name": "apptainer-leap-1.4.5-2.1.x86_64",
"product_id": "apptainer-leap-1.4.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-2.1.x86_64",
"product": {
"name": "apptainer-sle15_7-1.4.5-2.1.x86_64",
"product_id": "apptainer-sle15_7-1.4.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-2.1.x86_64",
"product": {
"name": "apptainer-sle16-1.4.5-2.1.x86_64",
"product_id": "apptainer-sle16-1.4.5-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64"
},
"product_reference": "apptainer-1.4.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le"
},
"product_reference": "apptainer-1.4.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x"
},
"product_reference": "apptainer-1.4.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64"
},
"product_reference": "apptainer-1.4.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64"
},
"product_reference": "apptainer-leap-1.4.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le"
},
"product_reference": "apptainer-leap-1.4.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x"
},
"product_reference": "apptainer-leap-1.4.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64"
},
"product_reference": "apptainer-leap-1.4.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64"
},
"product_reference": "apptainer-sle15_7-1.4.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le"
},
"product_reference": "apptainer-sle15_7-1.4.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x"
},
"product_reference": "apptainer-sle15_7-1.4.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64"
},
"product_reference": "apptainer-sle15_7-1.4.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64"
},
"product_reference": "apptainer-sle16-1.4.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le"
},
"product_reference": "apptainer-sle16-1.4.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x"
},
"product_reference": "apptainer-sle16-1.4.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
},
"product_reference": "apptainer-sle16-1.4.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-2.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-11T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2025:21043-1
Vulnerability from csaf_suse - Published: 2025-11-14 08:40 - Updated: 2025-11-14 08:40Summary
Security update for helm
Notes
Title of the patch
Security update for helm
Description of the patch
This update for helm fixes the following issues:
Update to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911):
* chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29
* jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
* Avoid "panic: interface conversion: interface {} is nil"
* Fix `helm pull` untar dir check with repo urls
* chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
* Add timeout flag to repo add and update flags
* chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0
Update to version 3.19.0:
* fix: use username and password if provided
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
* chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1
* chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0
* fix(helm-lint): fmt
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema references
* chore(deps): bump the k8s-io group with 7 updates
* fix: go mod tidy for v3
* chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0
* chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0
* fix Chart.yaml handling
* Handle messy index files
* chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28
* json schema fix
* fix: k8s version parsing to match original
* chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0
* Do not explicitly set SNI in HTTPGetter
* chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0
* chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0
* chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0
* Disabling linter due to unknown issue
* Updating link handling
* Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0
* fix: user username password for login
* Update pkg/registry/transport.go
* Update pkg/registry/transport.go
* fix: add debug logging to oci transport
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
* build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0
* fix: legacy docker support broken for login
* fix: plugin installer test with no Internet
* Handle an empty registry config file.
* Prevent fetching newReference again as we have in calling method
* Prevent failure when resolving version tags in oras memory store
* fix(client): skipnode utilization for PreCopy
* test: Skip instead of returning early. looks more intentional
* test: tests repo stripping functionality
* test: include tests for Login based on different protocol prefixes
* fix(client): layers now returns manifest - remove duplicate from descriptors
* fix(client): return nil on non-allowed media types
* Fix 3.18.0 regression: registry login with scheme
* Update pkg/plugin/plugin.go
* Update pkg/plugin/plugin.go
* Wait for Helm v4 before raising when platformCommand and Command are set
* Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
* build(deps): bump the k8s-io group with 7 updates
* chore: update generalization warning message
* build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0
* fix: move warning to top of block
* fix: govulncheck workflow
* fix: replace fmt warning with slog
* fix: add warning when ignore repo flag
* bump version to v3.18.0
* backport #30673 to dev-v3
* feat: add httproute from gateway-api to create chart template
Update to version 3.18.6:
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema
references
Update to version 3.18.5:
* fix Chart.yaml handling 7799b48 (Matt Farina)
* Handle messy index files dd8502f (Matt Farina)
* json schema fix cb8595b (Robert Sirchia)
Fix shell completion dependencies
* Add BuildRequires to prevent inclusion of folders owned by shells.
* Add Requires because installing completions without appropriate
shell is questionable.
- Fix zsh completion location
Patchnames
SUSE-SLE-Micro-6.0-520
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helm fixes the following issues:\n\nUpdate to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911):\n\n * chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29\n * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4\n * Avoid \"panic: interface conversion: interface {} is nil\"\n * Fix `helm pull` untar dir check with repo urls\n * chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10\n * Add timeout flag to repo add and update flags\n * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0\n\nUpdate to version 3.19.0:\n\n * fix: use username and password if provided\n * chore(deps): bump the k8s-io group with 7 updates\n * chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1\n * chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1\n * chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0\n * fix(helm-lint): fmt\n * fix(helm-lint): Add TLSClientConfig\n * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references\n * chore(deps): bump the k8s-io group with 7 updates\n * fix: go mod tidy for v3\n * chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0\n * chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0\n * fix Chart.yaml handling\n * Handle messy index files\n * chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28\n * json schema fix\n * fix: k8s version parsing to match original\n * chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0\n * Do not explicitly set SNI in HTTPGetter\n * chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7\n * chore(deps): bump the k8s-io group with 7 updates\n * chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0\n * chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0\n * chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0\n * Disabling linter due to unknown issue\n * Updating link handling\n * Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1\n * build(deps): bump the k8s-io group with 7 updates\n * build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0\n * fix: user username password for login\n * Update pkg/registry/transport.go\n * Update pkg/registry/transport.go\n * fix: add debug logging to oci transport\n * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0\n * build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0\n * fix: legacy docker support broken for login\n * fix: plugin installer test with no Internet\n * Handle an empty registry config file.\n * Prevent fetching newReference again as we have in calling method\n * Prevent failure when resolving version tags in oras memory store\n * fix(client): skipnode utilization for PreCopy\n * test: Skip instead of returning early. looks more intentional\n * test: tests repo stripping functionality\n * test: include tests for Login based on different protocol prefixes\n * fix(client): layers now returns manifest - remove duplicate from descriptors\n * fix(client): return nil on non-allowed media types\n * Fix 3.18.0 regression: registry login with scheme\n * Update pkg/plugin/plugin.go\n * Update pkg/plugin/plugin.go\n * Wait for Helm v4 before raising when platformCommand and Command are set\n * Revert \"fix (helm) : toToml` renders int as float [ backport to v3 ]\"\n * build(deps): bump the k8s-io group with 7 updates\n * chore: update generalization warning message\n * build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0\n * build(deps): bump the k8s-io group with 7 updates\n * build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0\n * fix: move warning to top of block\n * fix: govulncheck workflow\n * fix: replace fmt warning with slog\n * fix: add warning when ignore repo flag\n * bump version to v3.18.0\n * backport #30673 to dev-v3\n * feat: add httproute from gateway-api to create chart template\n\nUpdate to version 3.18.6:\n\n * fix(helm-lint): Add TLSClientConfig\n * fix(helm-lint): Add HTTP/HTTPS URL support for json schema\n references\n\nUpdate to version 3.18.5:\n\n * fix Chart.yaml handling 7799b48 (Matt Farina)\n * Handle messy index files dd8502f (Matt Farina)\n * json schema fix cb8595b (Robert Sirchia)\n\nFix shell completion dependencies\n\n * Add BuildRequires to prevent inclusion of folders owned by shells.\n * Add Requires because installing completions without appropriate\n shell is questionable.\n\n- Fix zsh completion location\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-520",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21043-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21043-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521043-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21043-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023392.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251442",
"url": "https://bugzilla.suse.com/1251442"
},
{
"category": "self",
"summary": "SUSE Bug 1251649",
"url": "https://bugzilla.suse.com/1251649"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for helm",
"tracking": {
"current_release_date": "2025-11-14T08:40:12Z",
"generator": {
"date": "2025-11-14T08:40:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21043-1",
"initial_release_date": "2025-11-14T08:40:12Z",
"revision_history": [
{
"date": "2025-11-14T08:40:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.aarch64",
"product": {
"name": "helm-3.19.1-1.1.aarch64",
"product_id": "helm-3.19.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-1.1.noarch",
"product": {
"name": "helm-bash-completion-3.19.1-1.1.noarch",
"product_id": "helm-bash-completion-3.19.1-1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.s390x",
"product": {
"name": "helm-3.19.1-1.1.s390x",
"product_id": "helm-3.19.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-1.1.x86_64",
"product": {
"name": "helm-3.19.1-1.1.x86_64",
"product_id": "helm-3.19.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64"
},
"product_reference": "helm-3.19.1-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x"
},
"product_reference": "helm-3.19.1-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64"
},
"product_reference": "helm-3.19.1-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-1.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T08:40:12Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.aarch64",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.s390x",
"SUSE Linux Micro 6.0:helm-3.19.1-1.1.x86_64",
"SUSE Linux Micro 6.0:helm-bash-completion-3.19.1-1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T08:40:12Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2025:21221-1
Vulnerability from csaf_suse - Published: 2025-12-16 08:29 - Updated: 2025-12-16 08:29Summary
Security update for helm
Notes
Title of the patch
Security update for helm
Description of the patch
This update for helm fixes the following issues:
Update to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911):
* chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29
* jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
* Avoid "panic: interface conversion: interface {} is nil"
* Fix `helm pull` untar dir check with repo urls
* chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
* Add timeout flag to repo add and update flags
* chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0
Update to version 3.19.0:
* fix: use username and password if provided
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
* chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1
* chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema references
* chore(deps): bump the k8s-io group with 7 updates
* fix: go mod tidy for v3
* chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0
* chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0
* fix Chart.yaml handling
* Handle messy index files
* chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28
* json schema fix
* fix: k8s version parsing to match original
* chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0
* Do not explicitly set SNI in HTTPGetter
* chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0
* chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0
* chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0
* Disabling linter due to unknown issue
* Updating link handling
* Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0
* fix: user username password for login
* Update pkg/registry/transport.go
* Update pkg/registry/transport.go
* fix: add debug logging to oci transport
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
* build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0
* fix: legacy docker support broken for login
* fix: plugin installer test with no Internet
* Handle an empty registry config file.
* Prevent fetching newReference again as we have in calling method
* Prevent failure when resolving version tags in oras memory store
* fix(client): skipnode utilization for PreCopy
* test: Skip instead of returning early. looks more intentional
* test: tests repo stripping functionality
* test: include tests for Login based on different protocol prefixes
* fix(client): layers now returns manifest - remove duplicate from descriptors
* fix(client): return nil on non-allowed media types
* Fix 3.18.0 regression: registry login with scheme
* Update pkg/plugin/plugin.go
* Update pkg/plugin/plugin.go
* Wait for Helm v4 before raising when platformCommand and Command are set
* Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
* build(deps): bump the k8s-io group with 7 updates
* chore: update generalization warning message
* build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0
* fix: move warning to top of block
* fix: govulncheck workflow
* fix: replace fmt warning with slog
* fix: add warning when ignore repo flag
* bump version to v3.18.0
* backport #30673 to dev-v3
* feat: add httproute from gateway-api to create chart template
Update to version 3.18.6:
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema
references
Update to version 3.18.5:
* fix Chart.yaml handling 7799b48 (Matt Farina)
* Handle messy index files dd8502f (Matt Farina)
* json schema fix cb8595b (Robert Sirchia)
Fix shell completion dependencies
* Add BuildRequires to prevent inclusion of folders owned by shells.
* Add Requires because installing completions without appropriate
shell is questionable.
- Fix zsh completion location
Patchnames
SUSE-SLE-Micro-6.1-353
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helm fixes the following issues:\n\nUpdate to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911):\n\n * chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29\n * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4\n * Avoid \"panic: interface conversion: interface {} is nil\"\n * Fix `helm pull` untar dir check with repo urls\n * chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10\n * Add timeout flag to repo add and update flags\n * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0\n\nUpdate to version 3.19.0:\n\n * fix: use username and password if provided\n * chore(deps): bump the k8s-io group with 7 updates\n * chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1\n * chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1\n * chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0\n * fix(helm-lint): Add TLSClientConfig\n * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references\n * chore(deps): bump the k8s-io group with 7 updates\n * fix: go mod tidy for v3\n * chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0\n * chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0\n * fix Chart.yaml handling\n * Handle messy index files\n * chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28\n * json schema fix\n * fix: k8s version parsing to match original\n * chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0\n * Do not explicitly set SNI in HTTPGetter\n * chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7\n * chore(deps): bump the k8s-io group with 7 updates\n * chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0\n * chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0\n * chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0\n * Disabling linter due to unknown issue\n * Updating link handling\n * Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1\n * build(deps): bump the k8s-io group with 7 updates\n * build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0\n * fix: user username password for login\n * Update pkg/registry/transport.go\n * Update pkg/registry/transport.go\n * fix: add debug logging to oci transport\n * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0\n * build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0\n * fix: legacy docker support broken for login\n * fix: plugin installer test with no Internet\n * Handle an empty registry config file.\n * Prevent fetching newReference again as we have in calling method\n * Prevent failure when resolving version tags in oras memory store\n * fix(client): skipnode utilization for PreCopy\n * test: Skip instead of returning early. looks more intentional\n * test: tests repo stripping functionality\n * test: include tests for Login based on different protocol prefixes\n * fix(client): layers now returns manifest - remove duplicate from descriptors\n * fix(client): return nil on non-allowed media types\n * Fix 3.18.0 regression: registry login with scheme\n * Update pkg/plugin/plugin.go\n * Update pkg/plugin/plugin.go\n * Wait for Helm v4 before raising when platformCommand and Command are set\n * Revert \"fix (helm) : toToml` renders int as float [ backport to v3 ]\"\n * build(deps): bump the k8s-io group with 7 updates\n * chore: update generalization warning message\n * build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0\n * build(deps): bump the k8s-io group with 7 updates\n * build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0\n * fix: move warning to top of block\n * fix: govulncheck workflow\n * fix: replace fmt warning with slog\n * fix: add warning when ignore repo flag\n * bump version to v3.18.0\n * backport #30673 to dev-v3\n * feat: add httproute from gateway-api to create chart template\n\nUpdate to version 3.18.6:\n\n * fix(helm-lint): Add TLSClientConfig\n * fix(helm-lint): Add HTTP/HTTPS URL support for json schema\n references\n\nUpdate to version 3.18.5:\n\n * fix Chart.yaml handling 7799b48 (Matt Farina)\n * Handle messy index files dd8502f (Matt Farina)\n * json schema fix cb8595b (Robert Sirchia)\n\nFix shell completion dependencies\n\n * Add BuildRequires to prevent inclusion of folders owned by shells.\n * Add Requires because installing completions without appropriate\n shell is questionable.\n\n- Fix zsh completion location\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-353",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21221-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21221-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521221-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21221-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023590.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251442",
"url": "https://bugzilla.suse.com/1251442"
},
{
"category": "self",
"summary": "SUSE Bug 1251649",
"url": "https://bugzilla.suse.com/1251649"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for helm",
"tracking": {
"current_release_date": "2025-12-16T08:29:28Z",
"generator": {
"date": "2025-12-16T08:29:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21221-1",
"initial_release_date": "2025-12-16T08:29:28Z",
"revision_history": [
{
"date": "2025-12-16T08:29:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-slfo.1.1_1.1.aarch64",
"product": {
"name": "helm-3.19.1-slfo.1.1_1.1.aarch64",
"product_id": "helm-3.19.1-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch",
"product": {
"name": "helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch",
"product_id": "helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-slfo.1.1_1.1.ppc64le",
"product": {
"name": "helm-3.19.1-slfo.1.1_1.1.ppc64le",
"product_id": "helm-3.19.1-slfo.1.1_1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-slfo.1.1_1.1.s390x",
"product": {
"name": "helm-3.19.1-slfo.1.1_1.1.s390x",
"product_id": "helm-3.19.1-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-slfo.1.1_1.1.x86_64",
"product": {
"name": "helm-3.19.1-slfo.1.1_1.1.x86_64",
"product_id": "helm-3.19.1-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64"
},
"product_reference": "helm-3.19.1-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le"
},
"product_reference": "helm-3.19.1-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x"
},
"product_reference": "helm-3.19.1-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64"
},
"product_reference": "helm-3.19.1-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-16T08:29:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:helm-3.19.1-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:helm-bash-completion-3.19.1-slfo.1.1_1.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-16T08:29:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2025:4190-1
Vulnerability from csaf_suse - Published: 2025-11-24 09:19 - Updated: 2025-11-24 09:19Summary
Security update for helm
Notes
Title of the patch
Security update for helm
Description of the patch
This update for helm fixes the following issues:
- Update to version 3.19.1
- CVE-2025-53547: Fixed local code execution in Helm Chart. (bsc#1246152)
- CVE-2025-58190: Fixed excessive memory consumption by `html.ParseFragment` when processing specially crafted input. (bsc#1251649)
- CVE-2025-47911: Fixed various algorithms with quadratic complexity when parsing HTML documents. (bsc#1251442)
Patchnames
SUSE-2025-4190,SUSE-SLE-Micro-5.5-2025-4190,SUSE-SLE-Module-Containers-15-SP6-2025-4190,SUSE-SLE-Module-Containers-15-SP7-2025-4190,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4190,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4190,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4190,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4190,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4190,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4190,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4190,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4190,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4190,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4190,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4190,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4190,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4190,SUSE-Storage-7.1-2025-4190,openSUSE-SLE-15.6-2025-4190
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for helm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for helm fixes the following issues:\n\n- Update to version 3.19.1\n- CVE-2025-53547: Fixed local code execution in Helm Chart. (bsc#1246152)\n- CVE-2025-58190: Fixed excessive memory consumption by `html.ParseFragment` when processing specially crafted input. (bsc#1251649)\n- CVE-2025-47911: Fixed various algorithms with quadratic complexity when parsing HTML documents. (bsc#1251442)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4190,SUSE-SLE-Micro-5.5-2025-4190,SUSE-SLE-Module-Containers-15-SP6-2025-4190,SUSE-SLE-Module-Containers-15-SP7-2025-4190,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4190,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4190,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4190,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4190,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4190,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4190,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4190,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4190,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4190,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4190,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4190,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4190,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4190,SUSE-Storage-7.1-2025-4190,openSUSE-SLE-15.6-2025-4190",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4190-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4190-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254190-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4190-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023339.html"
},
{
"category": "self",
"summary": "SUSE Bug 1246152",
"url": "https://bugzilla.suse.com/1246152"
},
{
"category": "self",
"summary": "SUSE Bug 1251442",
"url": "https://bugzilla.suse.com/1251442"
},
{
"category": "self",
"summary": "SUSE Bug 1251649",
"url": "https://bugzilla.suse.com/1251649"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2025-53547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for helm",
"tracking": {
"current_release_date": "2025-11-24T09:19:46Z",
"generator": {
"date": "2025-11-24T09:19:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4190-1",
"initial_release_date": "2025-11-24T09:19:46Z",
"revision_history": [
{
"date": "2025-11-24T09:19:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-150000.1.57.1.aarch64",
"product": {
"name": "helm-3.19.1-150000.1.57.1.aarch64",
"product_id": "helm-3.19.1-150000.1.57.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-150000.1.57.1.i586",
"product": {
"name": "helm-3.19.1-150000.1.57.1.i586",
"product_id": "helm-3.19.1-150000.1.57.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"product": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"product_id": "helm-bash-completion-3.19.1-150000.1.57.1.noarch"
}
},
{
"category": "product_version",
"name": "helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"product": {
"name": "helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"product_id": "helm-fish-completion-3.19.1-150000.1.57.1.noarch"
}
},
{
"category": "product_version",
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"product": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"product_id": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-150000.1.57.1.ppc64le",
"product": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le",
"product_id": "helm-3.19.1-150000.1.57.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-150000.1.57.1.s390x",
"product": {
"name": "helm-3.19.1-150000.1.57.1.s390x",
"product_id": "helm-3.19.1-150000.1.57.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "helm-3.19.1-150000.1.57.1.x86_64",
"product": {
"name": "helm-3.19.1-150000.1.57.1.x86_64",
"product_id": "helm-3.19.1-150000.1.57.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le"
},
"product_reference": "helm-3.19.1-150000.1.57.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x"
},
"product_reference": "helm-3.19.1-150000.1.57.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-3.19.1-150000.1.57.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64"
},
"product_reference": "helm-3.19.1-150000.1.57.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-bash-completion-3.19.1-150000.1.57.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-fish-completion-3.19.1-150000.1.57.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
},
"product_reference": "helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T09:19:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-53547"
}
],
"notes": [
{
"category": "general",
"text": "Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-53547",
"url": "https://www.suse.com/security/cve/CVE-2025-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1246150 for CVE-2025-53547",
"url": "https://bugzilla.suse.com/1246150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T09:19:46Z",
"details": "important"
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Enterprise Storage 7.1:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Enterprise Storage 7.1:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Enterprise Storage 7.1:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Micro 5.5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-3.19.1-150000.1.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:helm-zsh-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.aarch64",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.ppc64le",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.s390x",
"openSUSE Leap 15.6:helm-3.19.1-150000.1.57.1.x86_64",
"openSUSE Leap 15.6:helm-bash-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-fish-completion-3.19.1-150000.1.57.1.noarch",
"openSUSE Leap 15.6:helm-zsh-completion-3.19.1-150000.1.57.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T09:19:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:20089-1
Vulnerability from csaf_suse - Published: 2026-01-15 17:57 - Updated: 2026-01-15 17:57Summary
Security update for alloy
Notes
Title of the patch
Security update for alloy
Description of the patch
This update for alloy fixes the following issues:
Upgrade to version 1.12.1.
Security issues fixed:
- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents
(bsc#1251509).
- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially
crafted input (bsc#1251716).
- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253609).
Other updates and bugfixes:
- Version 1.12.1:
* Bugfixes
- update to Beyla 2.7.10.
- Version 1.12.0:
* Breaking changes
- `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component
ID instead of the hostname as their instance label in their exported metrics.
* Features
- (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare's LogPush
jobs.
- (Experimental) Additions to experimental `database_observability.mysql` component:
- `explain_plans`
- collector now changes schema before returning the connection to the pool.
- collector now passes queries more permissively.
- enable `explain_plans` collector by default
- (Experimental) Additions to experimental `database_observability.postgres` component:
- `explain_plans`
- added the explain plan collector.
- collector now passes queries more permissively.
- `query_samples`
- add user field to wait events within `query_samples` collector.
- rework the query samples collector to buffer per-query execution state across scrapes and emit finalized
entries.
- process turned idle rows to calculate finalization times precisely and emit first seen idle rows.
- `query_details`
- escape queries coming from `pg_stat_statements` with quotes.
- enable `explain_plans` collector by default.
- safely generate `server_id` when UDP socket used for database connection.
- add table registry and include "validated" in parsed table name logs.
- Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud
Pub/Sub topic.
- Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.
- Send remote config status to the remote server for the `remotecfg` service.
- Send effective config to the remote server for the `remotecfg` service.
- Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting
both the query ID and the full SQL statement. The new block includes one option to enable statement selection,
and another to configure the maximum length of the statement text.
- Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.
- Add `u_probe_links` & `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of
the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.
- Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.
- Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.
- Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular
expression.
- OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.
- See the upstream
[core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)
and
[contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)
changelogs for more details.
- A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them
into a Mimir instance.
- Mark `stage.windowsevent` block in the `loki.process` component as GA.
* Enhancements
- Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one
application from consuming the rate limit quota of others.
- Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and
`pyroscope.receive_http`.
- Remove `SendSIGKILL=no` from unit files and recommendations.
- Reduce memory overhead of `prometheus.remote_write`'s WAL by lowering the size of the allocated series storage.
- Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from
`prometheus.relabel`.
- `prometheus.exporter.postgres` dependency has been updated to v0.18.1.
- Update Beyla component to 2.7.8.
- Support delimiters in `stage.luhn`.
- `pyroscope.java`: update `async-profiler` to 4.2.
- `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.
- `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.
- `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata
labels for use by downstream components.
- Rework underlying framework of Alloy UI to use Vite instead of Create React App.
- Use POST requests for remote config requests to avoid hitting http2 header limits.
- `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after
`graceful_shutdown_timeout` has expired.
- `kubernetes.discovery`: Add support for attaching namespace metadata.
- Add `meta_cache_address` to `beyla.ebpf` component.
* Bugfixes
- Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.
- Fix direction of arrows for pyroscope components in UI graph.
- Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.
- Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.
- Fix issues with "unknown series ref when trying to add exemplar" from `prometheus.remote_write` by allowing
series ref links to be updated if they change.
- Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node
filtering is enabled, preventing "Index with name `field:spec.nodeName` does not exist" errors.
- Fix issue in `loki.source.file` where scheduling files could take too long.
- Fix `loki.write` no longer includes internal labels __.
- Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.
- `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to
true.
- `loki.source.file` has better support for non-UTF-8 encoded files.
- Fix the `loki.write` endpoint block's `enable_http2` attribute to actually affect the client.
- Optionally remove trailing newlines before appending entries in `stage.multiline`.
- `loki.source.api` no longer drops request when relabel rules drops a specific stream.
Patchnames
SUSE-SLES-16.0-149
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for alloy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for alloy fixes the following issues:\n\nUpgrade to version 1.12.1.\n\n\nSecurity issues fixed:\n\n- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents\n (bsc#1251509).\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially\n crafted input (bsc#1251716).\n- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in\n response to a key listing or signing request (bsc#1253609).\n\nOther updates and bugfixes:\n\n- Version 1.12.1:\n * Bugfixes\n - update to Beyla 2.7.10.\n\n- Version 1.12.0:\n * Breaking changes\n - `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component\n ID instead of the hostname as their instance label in their exported metrics.\n * Features\n - (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare\u0027s LogPush\n jobs.\n - (Experimental) Additions to experimental `database_observability.mysql` component:\n - `explain_plans`\n - collector now changes schema before returning the connection to the pool.\n - collector now passes queries more permissively.\n - enable `explain_plans` collector by default\n - (Experimental) Additions to experimental `database_observability.postgres` component:\n - `explain_plans`\n - added the explain plan collector.\n - collector now passes queries more permissively.\n - `query_samples`\n - add user field to wait events within `query_samples` collector.\n - rework the query samples collector to buffer per-query execution state across scrapes and emit finalized\n entries.\n - process turned idle rows to calculate finalization times precisely and emit first seen idle rows.\n - `query_details`\n - escape queries coming from `pg_stat_statements` with quotes.\n - enable `explain_plans` collector by default.\n - safely generate `server_id` when UDP socket used for database connection.\n - add table registry and include \"validated\" in parsed table name logs.\n - Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud\n Pub/Sub topic.\n - Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.\n - Send remote config status to the remote server for the `remotecfg` service.\n - Send effective config to the remote server for the `remotecfg` service.\n - Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting\n both the query ID and the full SQL statement. The new block includes one option to enable statement selection,\n and another to configure the maximum length of the statement text.\n - Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.\n - Add `u_probe_links` \u0026 `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of\n the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.\n - Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.\n - Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.\n - Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular\n expression.\n - OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.\n - See the upstream\n [core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)\n and\n [contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)\n changelogs for more details.\n - A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them\n into a Mimir instance.\n - Mark `stage.windowsevent` block in the `loki.process` component as GA.\n * Enhancements\n - Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one\n application from consuming the rate limit quota of others.\n - Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and\n `pyroscope.receive_http`.\n - Remove `SendSIGKILL=no` from unit files and recommendations.\n - Reduce memory overhead of `prometheus.remote_write`\u0027s WAL by lowering the size of the allocated series storage.\n - Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from\n `prometheus.relabel`.\n - `prometheus.exporter.postgres` dependency has been updated to v0.18.1.\n - Update Beyla component to 2.7.8.\n - Support delimiters in `stage.luhn`.\n - `pyroscope.java`: update `async-profiler` to 4.2.\n - `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.\n - `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.\n - `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata\n labels for use by downstream components.\n - Rework underlying framework of Alloy UI to use Vite instead of Create React App.\n - Use POST requests for remote config requests to avoid hitting http2 header limits.\n - `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after\n `graceful_shutdown_timeout` has expired.\n - `kubernetes.discovery`: Add support for attaching namespace metadata.\n - Add `meta_cache_address` to `beyla.ebpf` component.\n * Bugfixes\n - Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.\n - Fix direction of arrows for pyroscope components in UI graph.\n - Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.\n - Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.\n - Fix issues with \"unknown series ref when trying to add exemplar\" from `prometheus.remote_write` by allowing\n series ref links to be updated if they change.\n - Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node\n filtering is enabled, preventing \"Index with name `field:spec.nodeName` does not exist\" errors.\n - Fix issue in `loki.source.file` where scheduling files could take too long.\n - Fix `loki.write` no longer includes internal labels __.\n - Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.\n - `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to\n true.\n - `loki.source.file` has better support for non-UTF-8 encoded files.\n - Fix the `loki.write` endpoint block\u0027s `enable_http2` attribute to actually affect the client.\n - Optionally remove trailing newlines before appending entries in `stage.multiline`.\n - `loki.source.api` no longer drops request when relabel rules drops a specific stream.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-149",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20089-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20089-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620089-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20089-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023811.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251509",
"url": "https://bugzilla.suse.com/1251509"
},
{
"category": "self",
"summary": "SUSE Bug 1251716",
"url": "https://bugzilla.suse.com/1251716"
},
{
"category": "self",
"summary": "SUSE Bug 1253609",
"url": "https://bugzilla.suse.com/1253609"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for alloy",
"tracking": {
"current_release_date": "2026-01-15T17:57:53Z",
"generator": {
"date": "2026-01-15T17:57:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20089-1",
"initial_release_date": "2026-01-15T17:57:53Z",
"revision_history": [
{
"date": "2026-01-15T17:57:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.aarch64",
"product": {
"name": "alloy-1.12.1-160000.1.1.aarch64",
"product_id": "alloy-1.12.1-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.ppc64le",
"product": {
"name": "alloy-1.12.1-160000.1.1.ppc64le",
"product_id": "alloy-1.12.1-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.s390x",
"product": {
"name": "alloy-1.12.1-160000.1.1.s390x",
"product_id": "alloy-1.12.1-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-160000.1.1.x86_64",
"product": {
"name": "alloy-1.12.1-160000.1.1.x86_64",
"product_id": "alloy-1.12.1-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64"
},
"product_reference": "alloy-1.12.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le"
},
"product_reference": "alloy-1.12.1-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x"
},
"product_reference": "alloy-1.12.1-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64"
},
"product_reference": "alloy-1.12.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64"
},
"product_reference": "alloy-1.12.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le"
},
"product_reference": "alloy-1.12.1-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x"
},
"product_reference": "alloy-1.12.1-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
},
"product_reference": "alloy-1.12.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:57:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:57:53Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:alloy-1.12.1-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:alloy-1.12.1-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-15T17:57:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2026:20176-1
Vulnerability from csaf_suse - Published: 2026-01-29 15:32 - Updated: 2026-01-29 15:32Summary
Security update for elemental-register, elemental-toolkit
Notes
Title of the patch
Security update for elemental-register, elemental-toolkit
Description of the patch
This update for elemental-register, elemental-toolkit fixes the following issues:
elemental-register was updated to 1.8.1:
Changes on top of v1.8.1:
* Update headers to 2026
* Update questions to include SL Micro 6.2
Update to v1.8.1:
* Install yip config files in before-install step
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
elemental-toolkit was updated to v2.3.2:
* Bump golang.org/x/crypto library
This includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
Patchnames
SUSE-SL-Micro-6.2-217
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for elemental-register, elemental-toolkit",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for elemental-register, elemental-toolkit fixes the following issues:\n\nelemental-register was updated to 1.8.1:\n\nChanges on top of v1.8.1:\n\n * Update headers to 2026\n * Update questions to include SL Micro 6.2\n\nUpdate to v1.8.1:\n\n * Install yip config files in before-install step\n * Bump github.com/rancher-sandbox/go-tpm and its dependencies\n This includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n\nelemental-toolkit was updated to v2.3.2:\n\n * Bump golang.org/x/crypto library\n This includes few CVE fixes:\n * bsc#1241826 (CVE-2025-22872)\n * bsc#1241857 (CVE-2025-22872)\n * bsc#1251511 (CVE-2025-47911)\n * bsc#1251679 (CVE-2025-58190)\n * bsc#1253581 (CVE-2025-47913)\n * bsc#1253901 (CVE-2025-58181)\n * bsc#1254079 (CVE-2025-47914)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-217",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20176-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20176-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620176-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20176-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024007.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241826",
"url": "https://bugzilla.suse.com/1241826"
},
{
"category": "self",
"summary": "SUSE Bug 1241857",
"url": "https://bugzilla.suse.com/1241857"
},
{
"category": "self",
"summary": "SUSE Bug 1251511",
"url": "https://bugzilla.suse.com/1251511"
},
{
"category": "self",
"summary": "SUSE Bug 1251679",
"url": "https://bugzilla.suse.com/1251679"
},
{
"category": "self",
"summary": "SUSE Bug 1253581",
"url": "https://bugzilla.suse.com/1253581"
},
{
"category": "self",
"summary": "SUSE Bug 1253901",
"url": "https://bugzilla.suse.com/1253901"
},
{
"category": "self",
"summary": "SUSE Bug 1254079",
"url": "https://bugzilla.suse.com/1254079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for elemental-register, elemental-toolkit",
"tracking": {
"current_release_date": "2026-01-29T15:32:26Z",
"generator": {
"date": "2026-01-29T15:32:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20176-1",
"initial_release_date": "2026-01-29T15:32:26Z",
"revision_history": [
{
"date": "2026-01-29T15:32:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.8.1-160000.1.1.aarch64",
"product": {
"name": "elemental-register-1.8.1-160000.1.1.aarch64",
"product_id": "elemental-register-1.8.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.8.1-160000.1.1.aarch64",
"product": {
"name": "elemental-support-1.8.1-160000.1.1.aarch64",
"product_id": "elemental-support-1.8.1-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "elemental-register-1.8.1-160000.1.1.x86_64",
"product": {
"name": "elemental-register-1.8.1-160000.1.1.x86_64",
"product_id": "elemental-register-1.8.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-support-1.8.1-160000.1.1.x86_64",
"product": {
"name": "elemental-support-1.8.1-160000.1.1.x86_64",
"product_id": "elemental-support-1.8.1-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"product": {
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"product_id": "elemental-toolkit-2.3.2-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.8.1-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64"
},
"product_reference": "elemental-register-1.8.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-register-1.8.1-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64"
},
"product_reference": "elemental-register-1.8.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.8.1-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64"
},
"product_reference": "elemental-support-1.8.1-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-support-1.8.1-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64"
},
"product_reference": "elemental-support-1.8.1-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "elemental-toolkit-2.3.2-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
},
"product_reference": "elemental-toolkit-2.3.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-register-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-support-1.8.1-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:elemental-toolkit-2.3.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-29T15:32:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
SUSE-SU-2025:4482-1
Vulnerability from csaf_suse - Published: 2025-12-18 12:22 - Updated: 2025-12-18 12:22Summary
Security update for grafana
Notes
Title of the patch
Security update for grafana
Description of the patch
This update for grafana fixes the following issues:
grafana was updated from version 11.5.5 to 11.5.10:
- Security issues fixed:
* CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client (version 11.5.10)
(bsc#1254113)
* CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)
* CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)
* CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)
* CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735)
* CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736)
* CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (version 11.5.6)
(bsc#1245302)
- Other changes, new features and bugs fixed:
* Version 11.5.10:
+ Use forked wire from Grafana repository instead of external package (jsc#PED-14178)
+ Auth: Fix render user OAuth passthrough.
+ LDAP Authentication: Fix URL to propagate username context as parameter.
+ Plugins: Dependencies do not inherit parent URL for preinstall.
* Version 11.5.9:
+ Auditing: Document new options for recording datasource query request/response body.
+ Login: Fixed redirection after login when Grafana is served from subpath.
* Version 11.5.7:
+ Azure: Fixed legend formatting and resource name determination in template variable queries.
Patchnames
SUSE-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4482,openSUSE-SLE-15.6-2025-4482
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for grafana",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for grafana fixes the following issues:\n\ngrafana was updated from version 11.5.5 to 11.5.10:\n\n- Security issues fixed:\n\n * CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client (version 11.5.10)\n (bsc#1254113)\n * CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)\n * CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)\n * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735)\n * CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736)\n * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (version 11.5.6)\n (bsc#1245302)\n\n- Other changes, new features and bugs fixed:\n\n * Version 11.5.10:\n + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n + Auth: Fix render user OAuth passthrough.\n + LDAP Authentication: Fix URL to propagate username context as parameter.\n + Plugins: Dependencies do not inherit parent URL for preinstall.\n\n * Version 11.5.9:\n + Auditing: Document new options for recording datasource query request/response body.\n + Login: Fixed redirection after login when Grafana is served from subpath.\n\n * Version 11.5.7:\n + Azure: Fixed legend formatting and resource name determination in template variable queries.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4482,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4482,openSUSE-SLE-15.6-2025-4482",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4482-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4482-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254482-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4482-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023614.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245302",
"url": "https://bugzilla.suse.com/1245302"
},
{
"category": "self",
"summary": "SUSE Bug 1246735",
"url": "https://bugzilla.suse.com/1246735"
},
{
"category": "self",
"summary": "SUSE Bug 1246736",
"url": "https://bugzilla.suse.com/1246736"
},
{
"category": "self",
"summary": "SUSE Bug 1250616",
"url": "https://bugzilla.suse.com/1250616"
},
{
"category": "self",
"summary": "SUSE Bug 1251454",
"url": "https://bugzilla.suse.com/1251454"
},
{
"category": "self",
"summary": "SUSE Bug 1251657",
"url": "https://bugzilla.suse.com/1251657"
},
{
"category": "self",
"summary": "SUSE Bug 1254113",
"url": "https://bugzilla.suse.com/1254113"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6197 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update for grafana",
"tracking": {
"current_release_date": "2025-12-18T12:22:20Z",
"generator": {
"date": "2025-12-18T12:22:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4482-1",
"initial_release_date": "2025-12-18T12:22:20Z",
"revision_history": [
{
"date": "2025-12-18T12:22:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.aarch64",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64",
"product_id": "grafana-11.5.10-150200.3.80.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.ppc64le",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le",
"product_id": "grafana-11.5.10-150200.3.80.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.s390x",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.s390x",
"product_id": "grafana-11.5.10-150200.3.80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150200.3.80.1.x86_64",
"product": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64",
"product_id": "grafana-11.5.10-150200.3.80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150200.3.80.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
},
"product_reference": "grafana-11.5.10-150200.3.80.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-6023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6023"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.\n\nThe open redirect can be chained with path traversal vulnerabilities to achieve XSS.\n\nFixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6023",
"url": "https://www.suse.com/security/cve/CVE-2025-6023"
},
{
"category": "external",
"summary": "SUSE Bug 1246735 for CVE-2025-6023",
"url": "https://bugzilla.suse.com/1246735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "important"
}
],
"title": "CVE-2025-6023"
},
{
"cve": "CVE-2025-6197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6197"
}
],
"notes": [
{
"category": "general",
"text": "An open redirect vulnerability has been identified in Grafana OSS organization switching functionality.\n\n\nPrerequisites for exploitation:\n\n- Multiple organizations must exist in the Grafana instance\n\n- Victim must be on a different organization than the one specified in the URL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6197",
"url": "https://www.suse.com/security/cve/CVE-2025-6197"
},
{
"category": "external",
"summary": "SUSE Bug 1246736 for CVE-2025-6197",
"url": "https://bugzilla.suse.com/1246736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "moderate"
}
],
"title": "CVE-2025-6197"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:grafana-11.5.10-150200.3.80.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:grafana-11.5.10-150200.3.80.1.x86_64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.aarch64",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.ppc64le",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.s390x",
"openSUSE Leap 15.6:grafana-11.5.10-150200.3.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:22:20Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2025:4444-1
Vulnerability from csaf_suse - Published: 2025-12-18 08:49 - Updated: 2025-12-18 08:49Summary
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Notes
Title of the patch
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Description of the patch
This update fixes the following issues:
grafana was updated from version 11.5.7 to 11.5.10:
- Security issues fixed:
* CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)
(bsc#1254113)
* CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)
* CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)
* CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)
- Other changes, new features and bugs fixed:
* Version 11.5.10:
+ Use forked wire from Grafana repository instead of external package (jsc#PED-14178)
+ Auth: Fix render user OAuth passthrough.
+ LDAP Authentication: Fix URL to propagate username context as parameter.
+ Plugins: Dependencies do not inherit parent URL for preinstall.
* Version 11.5.9:
+ Auditing: Document new options for recording datasource query request/response body.
+ Login: Fixed redirection after login when Grafana is served from subpath.
* Update to version 11.5.8:
+ No relevant changes
uyuni-tools:
- version 5.1.23-0
* Update the default tag to 5.1.1.1
- version 5.1.22-0
* Fix cobbler config migration to standalone files
* Fix generated DB certificate subject alternate names
- version 5.1.21-0
* Remove extraneous quotes when getting the running image (bsc#1249434)
Patchnames
SUSE-2025-4444,SUSE-MultiLinuxManagerTools-SLE-12-2025-4444
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngrafana was updated from version 11.5.7 to 11.5.10:\n\n- Security issues fixed:\n\n * CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)\n (bsc#1254113)\n * CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)\n * CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)\n * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n\n- Other changes, new features and bugs fixed:\n\n * Version 11.5.10:\n + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n + Auth: Fix render user OAuth passthrough.\n + LDAP Authentication: Fix URL to propagate username context as parameter.\n + Plugins: Dependencies do not inherit parent URL for preinstall.\n * Version 11.5.9:\n + Auditing: Document new options for recording datasource query request/response body.\n + Login: Fixed redirection after login when Grafana is served from subpath.\n * Update to version 11.5.8:\n + No relevant changes\n\nuyuni-tools:\n\n- version 5.1.23-0\n * Update the default tag to 5.1.1.1\n- version 5.1.22-0\n * Fix cobbler config migration to standalone files\n * Fix generated DB certificate subject alternate names\n- version 5.1.21-0\n * Remove extraneous quotes when getting the running image (bsc#1249434)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4444,SUSE-MultiLinuxManagerTools-SLE-12-2025-4444",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4444-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4444-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254444-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4444-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023608.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249434",
"url": "https://bugzilla.suse.com/1249434"
},
{
"category": "self",
"summary": "SUSE Bug 1250616",
"url": "https://bugzilla.suse.com/1250616"
},
{
"category": "self",
"summary": "SUSE Bug 1251454",
"url": "https://bugzilla.suse.com/1251454"
},
{
"category": "self",
"summary": "SUSE Bug 1251657",
"url": "https://bugzilla.suse.com/1251657"
},
{
"category": "self",
"summary": "SUSE Bug 1254113",
"url": "https://bugzilla.suse.com/1254113"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-12-18T08:49:35Z",
"generator": {
"date": "2025-12-18T08:49:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4444-1",
"initial_release_date": "2025-12-18T08:49:35Z",
"revision_history": [
{
"date": "2025-12-18T08:49:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.aarch64",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.aarch64",
"product_id": "grafana-11.5.10-120002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.aarch64",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.aarch64",
"product_id": "mgrctl-5.1.23-120002.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"product_id": "mgrctl-lang-5.1.23-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.ppc64le",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.ppc64le",
"product_id": "grafana-11.5.10-120002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.ppc64le",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.ppc64le",
"product_id": "mgrctl-5.1.23-120002.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.s390x",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.s390x",
"product_id": "grafana-11.5.10-120002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.s390x",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.s390x",
"product_id": "mgrctl-5.1.23-120002.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"product": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"product_id": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.6.1.x86_64",
"product": {
"name": "grafana-11.5.10-120002.4.6.1.x86_64",
"product_id": "grafana-11.5.10-120002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-120002.3.6.1.x86_64",
"product": {
"name": "mgrctl-5.1.23-120002.3.6.1.x86_64",
"product_id": "mgrctl-5.1.23-120002.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64"
},
"product_reference": "Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64"
},
"product_reference": "grafana-11.5.10-120002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-120002.3.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64"
},
"product_reference": "mgrctl-5.1.23-120002.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.23-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:Multi-Linux-ManagerTools-SLE-release-POOL-12-120002.1.11.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.23-120002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.23-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.23-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:35Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2025:4479-1
Vulnerability from csaf_suse - Published: 2025-12-18 12:15 - Updated: 2025-12-18 12:15Summary
Security update 4.3.16.2 for Multi-Linux Manager Server LTS
Notes
Title of the patch
Security update 4.3.16.2 for Multi-Linux Manager Server LTS
Description of the patch
This update fixes the following issues:
release-notes-susemanager:
- Update to SUSE Manager 4.3.16.2
* SUSE Linux Enterprise Server 15 SP6 LTSS channels enabled
* CVEs Fixed:
CVE-2025-11065, CVE-2025-64751, CCVE-2025-47911, CVE-2025-58190
CVE-2025-62349, CVE-2025-62348
* Bugs mentioned:
bsc#1237060, bsc#1241455, bsc#1250911, bsc#1251864, bsc#1253024
Patchnames
SUSE-2025-4479,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4479,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4479
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 4.3.16.2 for Multi-Linux Manager Server LTS",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nrelease-notes-susemanager:\n\n- Update to SUSE Manager 4.3.16.2\n * SUSE Linux Enterprise Server 15 SP6 LTSS channels enabled\n * CVEs Fixed:\n CVE-2025-11065, CVE-2025-64751, CCVE-2025-47911, CVE-2025-58190\n CVE-2025-62349, CVE-2025-62348\n * Bugs mentioned:\n bsc#1237060, bsc#1241455, bsc#1250911, bsc#1251864, bsc#1253024\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4479,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4479,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4479",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4479-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4479-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254479-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4479-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023616.html"
},
{
"category": "self",
"summary": "SUSE Bug 1237060",
"url": "https://bugzilla.suse.com/1237060"
},
{
"category": "self",
"summary": "SUSE Bug 1241455",
"url": "https://bugzilla.suse.com/1241455"
},
{
"category": "self",
"summary": "SUSE Bug 1250911",
"url": "https://bugzilla.suse.com/1250911"
},
{
"category": "self",
"summary": "SUSE Bug 1251864",
"url": "https://bugzilla.suse.com/1251864"
},
{
"category": "self",
"summary": "SUSE Bug 1253024",
"url": "https://bugzilla.suse.com/1253024"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62348 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-62349 page",
"url": "https://www.suse.com/security/cve/CVE-2025-62349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update 4.3.16.2 for Multi-Linux Manager Server LTS",
"tracking": {
"current_release_date": "2025-12-18T12:15:07Z",
"generator": {
"date": "2025-12-18T12:15:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4479-1",
"initial_release_date": "2025-12-18T12:15:07Z",
"revision_history": [
{
"date": "2025-12-18T12:15:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch",
"product": {
"name": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch",
"product_id": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"product": {
"name": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"product_id": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy LTS 4.3",
"product": {
"name": "SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server LTS 4.3",
"product": {
"name": "SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server-lts:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch"
},
"product_reference": "release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
},
"product_reference": "release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-62348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62348"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62348",
"url": "https://www.suse.com/security/cve/CVE-2025-62348"
},
{
"category": "external",
"summary": "SUSE Bug 1254256 for CVE-2025-62348",
"url": "https://bugzilla.suse.com/1254256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "important"
}
],
"title": "CVE-2025-62348"
},
{
"cve": "CVE-2025-62349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-62349"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-62349",
"url": "https://www.suse.com/security/cve/CVE-2025-62349"
},
{
"category": "external",
"summary": "SUSE Bug 1254257 for CVE-2025-62349",
"url": "https://bugzilla.suse.com/1254257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-62349"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy LTS 4.3:release-notes-susemanager-proxy-4.3.16.2-150400.3.104.2.noarch",
"SUSE Manager Server LTS 4.3:release-notes-susemanager-4.3.16.2-150400.3.148.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T12:15:07Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2025:4446-1
Vulnerability from csaf_suse - Published: 2025-12-18 08:49 - Updated: 2025-12-18 08:49Summary
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Notes
Title of the patch
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
Description of the patch
This update fixes the following issues:
grafana was updated from version 11.5.7 to 11.5.10:
- Security issues fixed:
* CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)
(bsc#1254113)
* CVE-2025-47911: Fix parsing HTML documents (version 11.5.10) (bsc#1251454)
* CVE-2025-58190: Fix excessive memory consumption (version 11.5.10) (bsc#1251657)
* CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)
- Other changes, new features and bugs fixed:
* Version 11.5.10:
+ Use forked wire from Grafana repository instead of external package (jsc#PED-14178)
+ Auth: Fix render user OAuth passthrough.
+ LDAP Authentication: Fix URL to propagate username context as parameter.
+ Plugins: Dependencies do not inherit parent URL for preinstall.
* Version 11.5.9:
+ Auditing: Document new options for recording datasource query request/response body.
+ Login: Fixed redirection after login when Grafana is served from subpath.
* Update to version 11.5.8:
+ No relevant changes
uyuni-tools:
- version 5.1.23-0
* Update the default tag to 5.1.1.1
- version 5.1.22-0
* Fix cobbler config migration to standalone files
* Fix generated DB certificate subject alternate names
- version 5.1.21-0
* Remove extraneous quotes when getting the running image (bsc#1249434)
Patchnames
SUSE-2025-4446,SUSE-MultiLinuxManagerTools-SLE-15-2025-4446,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-4446
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngrafana was updated from version 11.5.7 to 11.5.10:\n\n- Security issues fixed:\n\n * CVE-2025-64751: Drop experimental implementation of authorization Zanzana server/client (version 11.5.10)\n (bsc#1254113)\n * CVE-2025-47911: Fix parsing HTML documents (version 11.5.10) (bsc#1251454)\n * CVE-2025-58190: Fix excessive memory consumption (version 11.5.10) (bsc#1251657)\n * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n\n- Other changes, new features and bugs fixed:\n\n * Version 11.5.10:\n + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n + Auth: Fix render user OAuth passthrough.\n + LDAP Authentication: Fix URL to propagate username context as parameter.\n + Plugins: Dependencies do not inherit parent URL for preinstall.\n * Version 11.5.9:\n + Auditing: Document new options for recording datasource query request/response body.\n + Login: Fixed redirection after login when Grafana is served from subpath.\n * Update to version 11.5.8:\n + No relevant changes\n\nuyuni-tools:\n\n- version 5.1.23-0\n * Update the default tag to 5.1.1.1\n- version 5.1.22-0\n * Fix cobbler config migration to standalone files\n * Fix generated DB certificate subject alternate names\n- version 5.1.21-0\n * Remove extraneous quotes when getting the running image (bsc#1249434)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4446,SUSE-MultiLinuxManagerTools-SLE-15-2025-4446,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-4446",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4446-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4446-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254446-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4446-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023607.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249434",
"url": "https://bugzilla.suse.com/1249434"
},
{
"category": "self",
"summary": "SUSE Bug 1250616",
"url": "https://bugzilla.suse.com/1250616"
},
{
"category": "self",
"summary": "SUSE Bug 1251454",
"url": "https://bugzilla.suse.com/1251454"
},
{
"category": "self",
"summary": "SUSE Bug 1251657",
"url": "https://bugzilla.suse.com/1251657"
},
{
"category": "self",
"summary": "SUSE Bug 1254113",
"url": "https://bugzilla.suse.com/1254113"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64751/"
}
],
"title": "Security update 5.1.1.1 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2025-12-18T08:49:58Z",
"generator": {
"date": "2025-12-18T08:49:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4446-1",
"initial_release_date": "2025-12-18T08:49:58Z",
"revision_history": [
{
"date": "2025-12-18T08:49:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.aarch64",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.aarch64",
"product_id": "grafana-11.5.10-150002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"product_id": "mgrctl-5.1.23-150002.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"product_id": "mgrctl-lang-5.1.23-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.ppc64le",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.ppc64le",
"product_id": "grafana-11.5.10-150002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"product_id": "mgrctl-5.1.23-150002.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.s390x",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.s390x",
"product_id": "grafana-11.5.10-150002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.s390x",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.s390x",
"product_id": "mgrctl-5.1.23-150002.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.6.1.x86_64",
"product": {
"name": "grafana-11.5.10-150002.4.6.1.x86_64",
"product_id": "grafana-11.5.10-150002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"product": {
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"product_id": "mgrctl-5.1.23-150002.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15"
}
},
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64"
},
"product_reference": "grafana-11.5.10-150002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.23-150002.3.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64"
},
"product_reference": "mgrctl-5.1.23-150002.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11065"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11065",
"url": "https://www.suse.com/security/cve/CVE-2025-11065"
},
{
"category": "external",
"summary": "SUSE Bug 1250608 for CVE-2025-11065",
"url": "https://bugzilla.suse.com/1250608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-11065"
},
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
},
{
"cve": "CVE-2025-64751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64751"
}
],
"notes": [
{
"category": "general",
"text": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 \u003c= Helm chart \u003c= openfga-0.2.48, v.1.4.0 \u003c= docker \u003c= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64751",
"url": "https://www.suse.com/security/cve/CVE-2025-64751"
},
{
"category": "external",
"summary": "SUSE Bug 1254112 for CVE-2025-64751",
"url": "https://bugzilla.suse.com/1254112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.23-150002.3.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.23-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.23-150002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T08:49:58Z",
"details": "important"
}
],
"title": "CVE-2025-64751"
}
]
}
SUSE-SU-2026:0028-1
Vulnerability from csaf_suse - Published: 2026-01-05 12:53 - Updated: 2026-01-05 12:53Summary
Security update for alloy
Notes
Title of the patch
Security update for alloy
Description of the patch
This update for alloy fixes the following issues:
Upgrade to version 1.12.1.
Security issues fixed:
- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents
(bsc#1251509).
- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253609).
- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially
crafted input (bsc#1251716).
Other updates and bugfixes:
- Version 1.12.1:
* Bugfixes
- update to Beyla 2.7.10.
- Version 1.12.0:
* Breaking changes
- `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component
ID instead of the hostname as their instance label in their exported metrics.
* Features
- (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare's LogPush
jobs.
- (Experimental) Additions to experimental `database_observability.mysql` component:
- `explain_plans`
- collector now changes schema before returning the connection to the pool.
- collector now passes queries more permissively.
- enable `explain_plans` collector by default
- (Experimental) Additions to experimental `database_observability.postgres` component:
- `explain_plans`
- added the explain plan collector.
- collector now passes queries more permissively.
- `query_samples`
- add user field to wait events within `query_samples` collector.
- rework the query samples collector to buffer per-query execution state across scrapes and emit finalized
entries.
- process turned idle rows to calculate finalization times precisely and emit first seen idle rows.
- `query_details`
- escape queries coming from `pg_stat_statements` with quotes.
- enable `explain_plans` collector by default.
- safely generate `server_id` when UDP socket used for database connection.
- add table registry and include 'validated' in parsed table name logs.
- Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud
Pub/Sub topic.
- Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.
- Send remote config status to the remote server for the `remotecfg` service.
- Send effective config to the remote server for the `remotecfg` service.
- Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting
both the query ID and the full SQL statement. The new block includes one option to enable statement selection,
and another to configure the maximum length of the statement text.
- Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.
- Add `u_probe_links` & `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of
the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.
- Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.
- Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.
- Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular
expression.
- OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.
- See the upstream
[core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)
and
[contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)
changelogs for more details.
- A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them
into a Mimir instance.
- Mark `stage.windowsevent` block in the `loki.process` component as GA.
* Enhancements
- Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one
application from consuming the rate limit quota of others.
- Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and
`pyroscope.receive_http`.
- Remove `SendSIGKILL=no` from unit files and recommendations.
- Reduce memory overhead of `prometheus.remote_write`'s WAL by lowering the size of the allocated series storage.
- Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from
`prometheus.relabel`.
- `prometheus.exporter.postgres` dependency has been updated to v0.18.1.
- Update Beyla component to 2.7.8.
- Support delimiters in `stage.luhn`.
- `pyroscope.java`: update `async-profiler` to 4.2.
- `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.
- `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.
- `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata
labels for use by downstream components.
- Rework underlying framework of Alloy UI to use Vite instead of Create React App.
- Use POST requests for remote config requests to avoid hitting http2 header limits.
- `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after
`graceful_shutdown_timeout` has expired.
- `kubernetes.discovery`: Add support for attaching namespace metadata.
- Add `meta_cache_address` to `beyla.ebpf` component.
* Bugfixes
- Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.
- Fix direction of arrows for pyroscope components in UI graph.
- Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.
- Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.
- Fix issues with 'unknown series ref when trying to add exemplar' from `prometheus.remote_write` by allowing
series ref links to be updated if they change.
- Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node
filtering is enabled, preventing 'Index with name `field:spec.nodeName` does not exist' errors.
- Fix issue in `loki.source.file` where scheduling files could take too long.
- Fix `loki.write` no longer includes internal labels __.
- Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.
- `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to
true.
- `loki.source.file` has better support for non-UTF-8 encoded files.
- Fix the `loki.write` endpoint block's `enable_http2` attribute to actually affect the client.
- Optionally remove trailing newlines before appending entries in `stage.multiline`.
- `loki.source.api` no longer drops request when relabel rules drops a specific stream.
Patchnames
SUSE-2026-28,SUSE-SLE-Module-Basesystem-15-SP7-2026-28
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for alloy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for alloy fixes the following issues:\n\nUpgrade to version 1.12.1.\n\nSecurity issues fixed:\n \n- CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents\n (bsc#1251509).\n- CVE-2025-47913: golang.org/x/crypto: early client process termination when receiving an unexpected message type in\n response to a key listing or signing request (bsc#1253609).\n- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially\n crafted input (bsc#1251716).\n \nOther updates and bugfixes:\n \n- Version 1.12.1:\n * Bugfixes\n - update to Beyla 2.7.10.\n \n- Version 1.12.0:\n * Breaking changes\n - `prometheus.exporter.blackbox`, `prometheus.exporter.snmp` and `prometheus.exporter.statsd` now use the component\n ID instead of the hostname as their instance label in their exported metrics.\n * Features\n - (Experimental) Add an `otelcol.receiver.cloudflare` component to receive logs pushed by Cloudflare\u0027s LogPush\n jobs.\n - (Experimental) Additions to experimental `database_observability.mysql` component:\n - `explain_plans`\n - collector now changes schema before returning the connection to the pool.\n - collector now passes queries more permissively.\n - enable `explain_plans` collector by default\n - (Experimental) Additions to experimental `database_observability.postgres` component:\n - `explain_plans`\n - added the explain plan collector.\n - collector now passes queries more permissively.\n - `query_samples`\n - add user field to wait events within `query_samples` collector.\n - rework the query samples collector to buffer per-query execution state across scrapes and emit finalized\n entries.\n - process turned idle rows to calculate finalization times precisely and emit first seen idle rows.\n - `query_details`\n - escape queries coming from `pg_stat_statements` with quotes.\n - enable `explain_plans` collector by default.\n - safely generate `server_id` when UDP socket used for database connection.\n - add table registry and include \u0027validated\u0027 in parsed table name logs.\n - Add `otelcol.exporter.googlecloudpubsub` community component to export metrics, traces, and logs to Google Cloud\n Pub/Sub topic.\n - Add `structured_metadata_drop` stage for `loki.process` to filter structured metadata.\n - Send remote config status to the remote server for the `remotecfg` service.\n - Send effective config to the remote server for the `remotecfg` service.\n - Add a `stat_statements` configuration block to the `prometheus.exporter.postgres` component to enable selecting\n both the query ID and the full SQL statement. The new block includes one option to enable statement selection,\n and another to configure the maximum length of the statement text.\n - Add truncate stage for `loki.process` to truncate log entries, label values, and `structured_metadata` values.\n - Add `u_probe_links` \u0026 `load_probe` configuration fields to alloy `pyroscope.ebpf` to extend configuration of\n the `opentelemetry-ebpf-profiler` to allow uprobe profiling and dynamic probing.\n - Add `verbose_mode` configuration fields to `alloy pyroscope.ebpf` to be enable `ebpf-profiler` verbose mode.\n - Add `file_match` block to `loki.source.file` for built-in file discovery using glob patterns.\n - Add a regex argument to the `structured_metadata` stage in `loki.process` to extract labels matching a regular\n expression.\n - OpenTelemetry Collector dependencies upgraded from v0.134.0 to v0.139.0.\n - See the upstream\n [core](https://github.com/open-telemetry/opentelemetry-collector/blob/v0.139.0/CHANGELOG.md)\n and\n [contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v0.139.0/CHANGELOG.md)\n changelogs for more details.\n - A new `mimir.alerts.kubernetes` component which discovers AlertmanagerConfig Kubernetes resources and loads them\n into a Mimir instance.\n - Mark `stage.windowsevent` block in the `loki.process` component as GA.\n * Enhancements\n - Add per-application rate limiting with the strategy attribute in the `faro.receiver` component, to prevent one\n application from consuming the rate limit quota of others.\n - Add support of tls in components `loki.source.(awsfirehose|gcplog|heroku|api)` and `prometheus.receive_http` and\n `pyroscope.receive_http`.\n - Remove `SendSIGKILL=no` from unit files and recommendations.\n - Reduce memory overhead of `prometheus.remote_write`\u0027s WAL by lowering the size of the allocated series storage.\n - Reduce lock wait/contention on the `labelstore.LabelStore` by removing unecessary usage from\n `prometheus.relabel`.\n - `prometheus.exporter.postgres` dependency has been updated to v0.18.1.\n - Update Beyla component to 2.7.8.\n - Support delimiters in `stage.luhn`.\n - `pyroscope.java`: update `async-profiler` to 4.2.\n - `prometheus.exporter.unix`: Add an arp config block to configure the ARP collector.\n - `prometheus.exporter.snowflake` dependency has been updated to 20251016132346-6d442402afb2.\n - `loki.source.podlogs` now supports `preserve_discovered_labels` parameter to preserve discovered pod metadata\n labels for use by downstream components.\n - Rework underlying framework of Alloy UI to use Vite instead of Create React App.\n - Use POST requests for remote config requests to avoid hitting http2 header limits.\n - `loki.source.api` during component shutdown will now reject all the inflight requests with status code 503 after\n `graceful_shutdown_timeout` has expired.\n - `kubernetes.discovery`: Add support for attaching namespace metadata.\n - Add `meta_cache_address` to `beyla.ebpf` component.\n * Bugfixes\n - Stop `loki.source.kubernetes` discarding log lines with duplicate timestamps.\n - Fix direction of arrows for pyroscope components in UI graph.\n - Only log EOF errors for syslog port investigations in `loki.source.syslog` as Debug, not Warn.\n - Fix `prometheus.exporter.process` ignoring the `remove_empty_groups` argument.\n - Fix issues with \u0027unknown series ref when trying to add exemplar\u0027 from `prometheus.remote_write` by allowing\n series ref links to be updated if they change.\n - Fix `loki.source.podlogs` component to register the Kubernetes field index for `spec.nodeName` when node\n filtering is enabled, preventing \u0027Index with name `field:spec.nodeName` does not exist\u0027 errors.\n - Fix issue in `loki.source.file` where scheduling files could take too long.\n - Fix `loki.write` no longer includes internal labels __.\n - Fix missing native histograms custom buckets (NHCB) samples from `prometheus.remote_write`.\n - `otelcol.receiver.prometheus` now supports mixed histograms if `prometheus.scrape` has `honor_metadata` set to\n true.\n - `loki.source.file` has better support for non-UTF-8 encoded files.\n - Fix the `loki.write` endpoint block\u0027s `enable_http2` attribute to actually affect the client.\n - Optionally remove trailing newlines before appending entries in `stage.multiline`.\n - `loki.source.api` no longer drops request when relabel rules drops a specific stream.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-28,SUSE-SLE-Module-Basesystem-15-SP7-2026-28",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0028-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0028-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260028-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0028-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023680.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251509",
"url": "https://bugzilla.suse.com/1251509"
},
{
"category": "self",
"summary": "SUSE Bug 1251716",
"url": "https://bugzilla.suse.com/1251716"
},
{
"category": "self",
"summary": "SUSE Bug 1253609",
"url": "https://bugzilla.suse.com/1253609"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58190/"
}
],
"title": "Security update for alloy",
"tracking": {
"current_release_date": "2026-01-05T12:53:11Z",
"generator": {
"date": "2026-01-05T12:53:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0028-1",
"initial_release_date": "2026-01-05T12:53:11Z",
"revision_history": [
{
"date": "2026-01-05T12:53:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.aarch64",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.aarch64",
"product_id": "alloy-1.12.1-150700.15.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.ppc64le",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.ppc64le",
"product_id": "alloy-1.12.1-150700.15.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.s390x",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.s390x",
"product_id": "alloy-1.12.1-150700.15.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.12.1-150700.15.12.1.x86_64",
"product": {
"name": "alloy-1.12.1-150700.15.12.1.x86_64",
"product_id": "alloy-1.12.1-150700.15.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.12.1-150700.15.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
},
"product_reference": "alloy-1.12.1-150700.15.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47911"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47911",
"url": "https://www.suse.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "SUSE Bug 1251308 for CVE-2025-47911",
"url": "https://bugzilla.suse.com/1251308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-05T12:53:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-47911"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-05T12:53:11Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-58190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58190"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58190",
"url": "https://www.suse.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "SUSE Bug 1251309 for CVE-2025-58190",
"url": "https://bugzilla.suse.com/1251309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:alloy-1.12.1-150700.15.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-05T12:53:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-58190"
}
]
}
FKIE_CVE-2025-58190
Vulnerability from fkie_nvd - Published: 2026-02-05 18:16 - Updated: 2026-02-12 16:16
Severity ?
Summary
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content."
}
],
"id": "CVE-2025-58190",
"lastModified": "2026-02-12T16:16:03.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-02-05T18:16:10.027",
"references": [
{
"source": "security@golang.org",
"url": "https://github.com/golang/vulndb/issues/4441"
},
{
"source": "security@golang.org",
"url": "https://go.dev/cl/709875"
},
{
"source": "security@golang.org",
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"source": "security@golang.org",
"url": "https://pkg.go.dev/vuln/GO-2026-4441"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Undergoing Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…