[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2025:20073-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":47,"epss":9,"epss_history":48,"metrics":49,"affected":50},"OPENSUSE-SU-2025:20073-1","Security update for alloy\n\nThis update for alloy fixes the following issues:\n\n- CVE-2025-58058: Removed dependency on vulnerable github.com/ulikunitz/xz (bsc#1248960).\n- CVE-2025-11065: Fixed sensitive information leak in logs (bsc#1250621).\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-11065",{"_key":17},"CVE-2025-58058",[],[],[21,22],{"_key":15},{"_key":17},"2025-11-20T17:26:16Z","2026-03-23T04:54:16.428452Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,38,43],{"url":29,"sources":30,"tags":32},"https://bugzilla.suse.com/1248960",[31],"osv_opensuse",[33],"REPORT",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1250621",[31],[33],{"url":39,"sources":40,"tags":41},"https://www.suse.com/security/cve/CVE-2025-11065",[31],[42],"WEB",{"url":44,"sources":45,"tags":46},"https://www.suse.com/security/cve/CVE-2025-58058",[31],[42],[],[],[],[51],{"ecosystem":52,"name":53,"vendor":54,"product":55,"cpe_part":9,"purl_type":56,"purl_namespace":54,"purl_name":55,"source":9,"versions":57},"openSUSE","alloy","opensuse","alloy&distro=openSUSE Leap 16.0","rpm",[58],{"version":59,"is_range":60,"range_type":61,"version_start":9,"version_start_type":9,"version_end":62,"version_end_type":63,"fixed_in":9},"lt1_11_3_160000_1_1",true,"ecosystem","1.11.3-160000.1.1","excluding"]