[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:2536-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":20,"duplicates":21,"related":22,"reserved_at":9,"published_at":26,"modified_at":27,"state":9,"summary":28,"references_raw":30,"kevs":83,"epss":9,"epss_history":84,"metrics":85,"affected":86},"SUSE-SU-2018:2536-1","Security update for grafana, kafka, logstash and monasca-installer\n\nThis update for grafana, kafka, logstash and monasca-installer fixes the following issues:\n\nThe following security issues have been fixed:\n\ngrafana:\n\n- CVE-2018-12099: Fix Cross-Site-Scripting (XSS) vulnerabilities in dashboard links. (bsc#1096985)\n\nkafka:\n\n- CVE-2018-1288: Authenticated Kafka users may perform action reserved for the Broker via a manually created fetch\n  request interfering with data replication, resulting in data loss. (bsc#1102920)\n\nlogstash:\n\n- CVE-2018-3817: Fix potential leak of sensitive data when logging warnings about deprecated options. (bsc#1090849)\n\nAdditionally, the following non-security issues have been fixed:\n\nmonasca-installer:\n\n- Add complete set of elasticsearch performance tunables.\n- Update to version Build_20180427_14.04 (bsc#1090192, bsc#1090343)\n- Fix bad elasticsearch-curator configuration. (bsc#1090192)\n- Enable bootstrap.memory_lock for Elasticsearch. (bsc#1090343)\n\nlogstash:\n\n- Declare Gemfile as config to prevent loss of installed plugins when updating.\n- Stop installing prebuilt jruby for non-x86.\n\nkafka: \n\n- Update to version 0.10.2.2 (bsc#1102920, CVE-2018-1288)\n- Add noreplace directive for /etc/kafka/server.properties.\n- Reduce package ownership of tmpfiles.d to bare minium. (SLE12 SP2) \n- Set log rotation options. (bsc#1094448)\n- Disable jmxremote debugging. (bsc#1095603)\n- Increase open file limits. (bsc#1086909)\n",null,[],[],[],[14,16,18],{"_key":15},"CVE-2018-12099",{"_key":17},"CVE-2018-1288",{"_key":19},"CVE-2018-3817",[],[],[23,24,25],{"_key":15},{"_key":17},{"_key":19},"2018-08-28T09:05:28Z","2026-02-04T03:02:59.047298Z",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[31,37,42,46,50,54,58,62,66,70,75,79],{"url":32,"sources":33,"tags":35},"https://www.suse.com/support/update/announcement/2018/suse-su-20182536-1/",[34],"osv_suse",[36],"Advisory",{"url":38,"sources":39,"tags":40},"https://bugzilla.suse.com/1086909",[34],[41],"REPORT",{"url":43,"sources":44,"tags":45},"https://bugzilla.suse.com/1090192",[34],[41],{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1090343",[34],[41],{"url":51,"sources":52,"tags":53},"https://bugzilla.suse.com/1090849",[34],[41],{"url":55,"sources":56,"tags":57},"https://bugzilla.suse.com/1094448",[34],[41],{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1095603",[34],[41],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1096985",[34],[41],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1102920",[34],[41],{"url":71,"sources":72,"tags":73},"https://www.suse.com/security/cve/CVE-2018-12099",[34],[74],"WEB",{"url":76,"sources":77,"tags":78},"https://www.suse.com/security/cve/CVE-2018-1288",[34],[74],{"url":80,"sources":81,"tags":82},"https://www.suse.com/security/cve/CVE-2018-3817",[34],[74],[],[],[],[87,100,107,114],{"ecosystem":88,"name":89,"vendor":90,"product":91,"cpe_part":9,"purl_type":92,"purl_namespace":90,"purl_name":91,"source":9,"versions":93},"SUSE Linux Enterprise","grafana","suse","grafana&distro=SUSE OpenStack Cloud 7","rpm",[94],{"version":95,"is_range":96,"range_type":97,"version_start":9,"version_start_type":9,"version_end":98,"version_end_type":99,"fixed_in":9},"lt4_5_1_1_8_1",true,"ecosystem","4.5.1-1.8.1","excluding",{"ecosystem":88,"name":101,"vendor":90,"product":102,"cpe_part":9,"purl_type":92,"purl_namespace":90,"purl_name":102,"source":9,"versions":103},"kafka","kafka&distro=SUSE OpenStack Cloud 7",[104],{"version":105,"is_range":96,"range_type":97,"version_start":9,"version_start_type":9,"version_end":106,"version_end_type":99,"fixed_in":9},"lt0_10_2_2_5_1","0.10.2.2-5.1",{"ecosystem":88,"name":108,"vendor":90,"product":109,"cpe_part":9,"purl_type":92,"purl_namespace":90,"purl_name":109,"source":9,"versions":110},"logstash","logstash&distro=SUSE OpenStack Cloud 7",[111],{"version":112,"is_range":96,"range_type":97,"version_start":9,"version_start_type":9,"version_end":113,"version_end_type":99,"fixed_in":9},"lt2_4_1_5_1","2.4.1-5.1",{"ecosystem":88,"name":115,"vendor":90,"product":116,"cpe_part":9,"purl_type":92,"purl_namespace":90,"purl_name":116,"source":9,"versions":117},"monasca-installer","monasca-installer&distro=SUSE OpenStack Cloud 7",[118],{"version":119,"is_range":96,"range_type":97,"version_start":9,"version_start_type":9,"version_end":120,"version_end_type":99,"fixed_in":9},"lt20180608_12_47_9_1","20180608_12.47-9.1"]