1406 matches found
AZL-77073 CVE-2025-58190 affecting package prometheus-adapter 0.12.0-4
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76983 CVE-2025-47911 affecting package prometheus-adapter for versions less than 0.10.0-19
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-77070 CVE-2025-47911 affecting package prometheus-adapter 0.12.0-4
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
SUSE-SU-2026:20232-1 Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus fixes the following issues: Update to version 3.5.0: Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257329. - CVE-2025-12816: interpretation conflict...
golang-github-prometheus-prometheus-3.9.1-2.1 on GA media (moderate)
golang-github-prometheus-prometheus-3.9.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:10124-1 Rating: moderate Cross-References: CVE-2025-13465 CVSS scores: CVE-2025-13465 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2025-13465 SUSE : 8.8...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-62348 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
CLEANSTART-2026-EK72220 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-CQ38405 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-YD87381 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-QE58701 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-IA26094 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-DO68350 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-PH90623 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-XO66167 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-UU20906 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-PY85990 tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing
Security vulnerability affects the prometheus package. The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing...
CLEANSTART-2026-YM28538 Prometheus Blackbox Exporter through 0
Multiple security vulnerabilities affect the prometheus-blackbox-exporter package. Prometheus Blackbox Exporter through 0. See references for individual vulnerability details...
CLEANSTART-2026-ZL24388 Prometheus Blackbox Exporter through 0
Multiple security vulnerabilities affect the prometheus-blackbox-exporter package. Prometheus Blackbox Exporter through 0. See references for individual vulnerability details...
OPENSUSE-SU-2026:10124-1 golang-github-prometheus-prometheus-3.9.1-2.1 on GA media
These are all security issues fixed in the golang-github-prometheus-prometheus-3.9.1-2.1 package on the GA media of openSUSE Tumbleweed...
AZL-75554 CVE-2025-11065 affecting package prometheus for versions less than 2.37.9-7
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...