SUSE-SU-2026:2243-1 Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Security Fixes: - CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter: - Backward Compatibility and packaging changes: - Added compatibility...

CVE-2026-39821 affecting package prometheus-node-exporter for versions less than 1.7.0-4

CVE-2026-39821 affecting package prometheus-node-exporter for versions less than 1.7.0-4. A patched version of the package is available...

CLEANSTART-2026-TL04302 Security fixes for CVE-2025-61727, CVE-2025-61729, ghsa-cgrx-mc8f-2prm, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-vvgc-356p-c3xw applied in versions: 1.10.2-r0, 1.10.2-r1, 1.5.0-r0, 1.9.1-r0

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-OS08278 Security fixes for CVE-2025-61727, CVE-2025-61729, ghsa-cgrx-mc8f-2prm, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-vvgc-356p-c3xw applied in versions: 1.10.2-r0, 1.10.2-r1, 1.5.0-r0, 1.9.1-r0

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JT73156 protojson

Multiple security vulnerabilities affect the prometheus-node-exporter package. The protojson. See references for individual vulnerability details...

CLEANSTART-2026-FU47971 protojson

Multiple security vulnerabilities affect the prometheus-node-exporter package. The protojson. See references for individual vulnerability details...

CLEANSTART-2026-EK72220 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-CQ38405 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-YD87381 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-QE58701 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: newrelic-fluent-bit-output, consul-fips, prometheus-adapter, php-fpmexporter, nvidia-nsight-compute-12.8, linkerd2-proxy-init, wazero-fips, falco, pvc-autoresizer, rancher-machine, gitlab-runner, nvidia-nsight-compute-13.0, vexctl, apm-server-fips, lvm-driver,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: newrelic-fluent-bit-output, consul-fips, prometheus-adapter, php-fpmexporter, nvidia-nsight-compute-12.8, linkerd2-proxy-init, wazero-fips, falco, pvc-autoresizer, rancher-machine, gitlab-runner, nvidia-nsight-compute-13.0, vexctl, apm-server-fips, lvm-driver,...

SUSE-SU-2025:01988-1 Security update for golang-github-prometheus-node_exporter

This update for golang-github-prometheus-nodeexporter fixes the following issues: golang-github-prometheus-nodeexporter was updated to version 1.9.1: - Security issues fixed: CVE-2025-22870: Bumped golang.org/x/net to version 0.37.0 bsc1238686 - Other bugs fixed: pressure: Fixed missing IRQ on...

OPENSUSE-SU-2025:15075-1 golang-github-prometheus-node_exporter-1.9.1-3.1 on GA media

These are all security issues fixed in the golang-github-prometheus-nodeexporter-1.9.1-3.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-22870 affecting package prometheus-node-exporter for versions less than 1.7.0-3

CVE-2025-22870 affecting package prometheus-node-exporter for versions less than 1.7.0-3. A patched version of the package is available...

AZL-58422 CVE-2025-22870 affecting package prometheus-node-exporter for versions less than 1.7.0-3

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...

CVE-2023-45288 affecting package prometheus-node-exporter for versions less than 1.7.0-2

CVE-2023-45288 affecting package prometheus-node-exporter for versions less than 1.7.0-2. A patched version of the package is available...

Fedora: Security Advisory (FEDORA-2023-654e0ddfd8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : golang-github-prometheus-node-exporter (2023-654e0ddfd8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-654e0ddfd8 advisory. Automatic update for golang-github-prometheus-node-exporter-1.6.1-1.fc40. Changelog Thu Nov 9 2023 Mikel Olasagasti Uranga - 1.6.1-1 - Update to 1.6...

AZL-38473 CVE-2023-45288 affecting package prometheus-node-exporter for versions less than 1.7.0-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...