GHSA-X4RX-4GW3-53P4 vulnerabilities

Vulnerabilities for packages: buildah, grype, opentelemetry-collector-contrib-fips, cg, dagger, beats-fips, grype-db, nerdctl, grype-fips, zarf, trufflehog-fips, falcoctl, aws-otel-collector, cadvisor-fips, opentelemetry-collector-fips, trufflehog, apko, docker-compose-fips, falcoctl-fips,...

Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle

This update fixes the following issues: golang-github-prometheus-nodeexporter: Security issues fixed: CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 Other bugs fixed: Fixed Darwin memory leak pressure: Fix...

SUSE-SU-2025:02478-1 Security update 5.0.5 for Multi-Linux Manager Server

This update fixes the following issues: server-attestation-image: - Version 5.0.11: Fixed the health check of the container bsc1240604 server-hub-xmlrpc-api-image: - Version 5.0.13: Image rebuilt to the newest version with updated dependencies server-image: - Version 5.0.16: Fixed...

Fedora 43 : golang-github-prometheus (2025-3afa669ec0)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3afa669ec0 advisory. Automatic update for golang-github-prometheus-2.55.1-1.fc43. Changelog Thu Jul 17 2025 Mikel Olasagasti Uranga - 2.55.1-1 - Update to 2.55.1 and ado...

MAL-2025-5919 Malicious code in grafana-amazonprometheus-datasource (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7359e2541c67fe090610ee101544e2e2da0fc6232b1fff166f71c0bd3c1f0e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora 43 : golang-github-prometheus-prom2json (2025-18547fda0a)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-18547fda0a advisory. Automatic update for golang-github-prometheus-prom2json-1.4.2-1.fc43. Changelog Tue Jul 15 2025 Mikel Olasagasti Uranga - 1.4.2-1 - Update to 1.4.2 and adopt...

Grafana Labs < 10.4.17+security-01, 11.2.8+security-01, 11.3.5+security-01, 11.4.3+security-01, 11.5.3+security-01, 11.6.0+security-01 Improper Authorization (CVE-2025-3454)

The version of Grafana Labs installed on the remote host is affected by improper authorization vulnerability as referenced in the CVE-2025-3454 advisory. - This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL...

Malicious code in azure-prometheus-datasource (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47fd9dad2205644dc2dc1629b5ba8933f2243510d26fca0bb35e2fb3f1e602a4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5765 Malicious code in azure-prometheus-datasource (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47fd9dad2205644dc2dc1629b5ba8933f2243510d26fca0bb35e2fb3f1e602a4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE SLES15 / openSUSE 15 Security Update : Multi-Linux Manager Client Tools (SUSE-SU-2025:01989-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01989-1 advisory. golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 fo...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : golang-github-prometheus-node_exporter (SUSE-SU-2025:01988-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01988-1 advisory. golang-github-prometheus-nodeexporter was updated to version 1.9.1: - Security issues fixed:...

SUSE SLES15 / openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2025:01992-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01992-1 advisory. - Security: CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs bsc1238686 CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in...

SUSE SLES12 Security Update : Multi-Linux Manager Client Tools (SUSE-SU-2025:01987-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01987-1 advisory. golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building...

GHSA-65GG-3W2W-HR4H vulnerabilities

Vulnerabilities for packages: prometheus-podman-exporter, prometheus-podman-exporter-fips, falco...

CVE-2025-6032 vulnerabilities

Vulnerabilities for packages: prometheus-podman-exporter, prometheus-podman-exporter-fips, falco...

openSUSE Security Advisory (SUSE-SU-2025:01988-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:01990-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:01992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for golang-github-prometheus-prometheus

This update for golang-github-prometheus-prometheus fixes the following issues: Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bump golang.org/x/net to version 0.39.0 bsc1238686 Version was updated to 2.53.4 with the following bug fixes: Runtime:...

SUSE-SU-2025:01990-1 Security update for golang-github-prometheus-prometheus

This update for golang-github-prometheus-prometheus fixes the following issues: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bump golang.org/x/net to version 0.39.0 bsc1238686 - Version was updated to 2.53.4 with the following bug fixes:...