Security update 5.0.6 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-alertmanager: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document th...

SUSE-SU-2025:4457-1 Security update 5.0.6 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-alertmanager: - Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document...

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: cloudbeat, ratify-fips, dkron-fips, gitsign, cilium-fips, mongodb-kubernetes-operator, logstash-exporter-fips, gitlab-pages, haproxy-ingress, prometheus-adapter-fips, aws-flb-cloudwatch-fips, cloudbeat-fips, x509-certificate-exporter-fips,...

Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot was updated from version 0.1 to version 1.0.0: Version 1.0.0 bugs fixed: Reboot on salt key timeout bsc1237495 Fixed parsing files with space in the name bsc1252100 golang-github-prometheus-alertmanager was updated from version 0.26.0 to...

SUSE-SU-2025:3819-1 Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot was updated from version 0.1 to version 1.0.0: - Version 1.0.0 bugs fixed: Reboot on salt key timeout bsc1237495 Fixed parsing files with space in the name bsc1252100 golang-github-prometheus-alertmanager was updated from version 0.26.0 to...

SUSE-SU-2025:3817-1 Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-alertmanager: - Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document...

Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-alertmanager: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document th...

Fedora: Security Advisory (FEDORA-2025-9b9074cb93)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2021-1352

Malware in sbrugna...

EUVD-2022-7604

Malicious code in bioql PyPI...

EUVD-2023-2358

Malicious code in bioql PyPI...

Grafana Labs < 10.4.17+security-01, 11.2.8+security-01, 11.3.5+security-01, 11.4.3+security-01, 11.5.3+security-01, 11.6.0+security-01 Improper Authorization (CVE-2025-3454)

The version of Grafana Labs installed on the remote host is affected by improper authorization vulnerability as referenced in the CVE-2025-3454 advisory. - This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL...

Fedora 43 : golang-github-prometheus-alertmanager (2025-9b9074cb93)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9b9074cb93 advisory. Automatic update for golang-github-prometheus-alertmanager-0.28.1-1.fc43. Changelog Thu Jul 10 2025 Mikel Olasagasti Uranga - 0.28.1-1 - Update to 0.28.1 -...

SUSE SLES15 / openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2025:01992-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01992-1 advisory. - Security: CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs bsc1238686 CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in...

openSUSE Security Advisory (SUSE-SU-2025:01992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TencentOS Server 4: alertmanager (TSSA-2024:0822)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0822 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Grafana Labs < 11.6.1+security-01 Authorization Bypass (CVE-2025-3260)

The version of Grafana Labs installed on the remote host is affected by a vulnerability as referenced in the CVE-2025-3260 advisory. Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could...

BIT-GRAFANA-2025-3454

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

Grafana's datasource proxy API allows authorization checks to be bypassed

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

GHSA-9J65-RV5X-4VRF Grafana's datasource proxy API allows authorization checks to be bypassed

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...