1406 matches found
EUVD-2026-25846
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...
CVE-2026-40557 Apache Storm Prometheus Reporter: Disabling TLS verification for Prometheus Reporter also disables it for all other connections
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...
CVE-2026-40557 Apache Storm Prometheus Reporter: Disabling TLS verification for Prometheus Reporter also disables it for all other connections
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...
Apache Storm Prometheus Reporter 信任管理问题漏洞
Apache Storm Prometheus Reporter is a monitoring component developed by the Apache Foundation that converts metrics from distributed stream processing systems into Prometheus format. Versions 2.6.3 to 2.8.6 of Apache Storm Prometheus Reporter contain vulnerabilities related to trust management...
PT-2026-35413
Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skip tls validation by default it is...
golang-github-prometheus-alertmanager-0.31.1-3.1 on GA media (moderate)
golang-github-prometheus-alertmanager-0.31.1-3.1 on GA media Announcement ID: openSUSE-SU-2026:10612-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6...
OPENSUSE-SU-2026:10612-1 golang-github-prometheus-alertmanager-0.31.1-3.1 on GA media
These are all security issues fixed in the golang-github-prometheus-alertmanager-0.31.1-3.1 package on the GA media of openSUSE Tumbleweed...
golang-github-prometheus-prometheus-3.11.2-1.1 on GA media (moderate)
golang-github-prometheus-prometheus-3.11.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10607-1 Rating: moderate Cross-References: CVE-2026-40179 CVSS scores: CVE-2026-40179 SUSE : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-40179 SUSE : 5.3...
OPENSUSE-SU-2026:10607-1 golang-github-prometheus-prometheus-3.11.2-1.1 on GA media
These are all security issues fixed in the golang-github-prometheus-prometheus-3.11.2-1.1 package on the GA media of openSUSE Tumbleweed...
Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers golang-github-prometheus-prometheus: Security issues fixed: CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup bsc1258893 Bumped...
SUSE-SU-2026:1524-1 Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers golang-github-prometheus-prometheus: - Security issues fixed: CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup bsc1258893 +...
Linux Distros Unpatched Vulnerability : CVE-2026-40179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting...
BIT-PROMETHEUS-2026-40179 Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...
CVE-2026-33414 vulnerabilities
Vulnerabilities for packages: falco-no-driver...
GHSA-HC8W-H2MF-HP59 vulnerabilities
Vulnerabilities for packages: falco-no-driver...
CVE-2026-33414 vulnerabilities
Vulnerabilities for packages: prometheus-podman-exporter, falco-no-driver, prometheus-podman-exporter-fips...
GHSA-HC8W-H2MF-HP59 vulnerabilities
Vulnerabilities for packages: prometheus-podman-exporter, falco-no-driver, prometheus-podman-exporter-fips...
SUSE CVE-2026-40179
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...
CVE-2026-40179
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...
CVE-2026-40179
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...