[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2020:3624-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":85,"epss":9,"epss_history":86,"metrics":87,"affected":88},"SUSE-SU-2020:3624-1","Security update for crowbar-openstack, grafana, influxdb, python-urllib3\n\nThis update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes:\n\nSecurity fixes included in this update:\n\nopenstack-glance\n- CVE-2016-8611: Added rate limiting for glance api (bnc#1005886)\n\ngrafana\n- CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch datasource (#bnc#1178243)\n\ninfluxdb\n- CVE-2019-20933: Fixed an authentication bypass (bnc#1178988)\n\npython-urlib3\n- CVE-2019-9740: Fixed a CRLF injection in urllib3 (bnc#1129071).\n- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bnc#1177120)\n\nmemcached\n- CVE-2018-1000115: Fixed a issue where a UDP server allowed spoofed traffic amplification DoS (bnc#1083903).\n\nNon-security fixes included in this update:\n\nChanges in crowbar-openstack:\n- Update to version 4.0+git.1604938545.30c10db18:\n  * rabbitmq: Fix crm running check (SOC-11240)\n\nChanges in grafana:\n- Fix bnc#1178243 CVE-2020-24303 by adding\n  25401-Fix-XSS-vulnerability-with-series-overrides.patch\n\nChanges in influxdb:\n- Add CVE-2019-20933.patch (bnc#1178988, CVE-2019-20933) to\n  fix authentication bypass_\n- Declare license files correctly\n\n- Version 1.2.4:\n  * The stress tool influx_stress will be removed in a subsequent\n    release.\n  * Remove the override of GOMAXPROCS.\n  * Uncomment section headers from the default configuration file.\n  * Improve write performance significantly.\n  * Prune data in meta store for deleted shards.\n  * Update latest dependencies with Godeps.\n  * Introduce syntax for marking a partial response with chunking.\n  * Use X-Forwarded-For IP address in HTTP logger if present.\n  * Add support for secure transmission via collectd.\n  * Switch logging to use structured logging everywhere.\n  * [CLI feature request] USE retention policy for queries.\n  * Add clear command to cli.\n  * Adding ability to use parameters in queries in the v2 client\n    using the Parameters map in the Query struct.\n  * Allow add items to array config via ENV\n  * Support subquery execution in the query language.\n  * Verbose output for SSL connection errors.\n  * Cache snapshotting performance improvements\n\n- Partially revert previous change to fix build for Leap\n\nChanges in python-urllib3:\n- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.\n\n- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for\n  CVE-2019-9740.\n\n- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request\n  method. (bnc#1177120, CVE-2020-26137)\n\n  ",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2016-8611",{"_key":17},"CVE-2019-20933",{"_key":19},"CVE-2019-9740",{"_key":21},"CVE-2020-24303",{"_key":23},"CVE-2020-26137",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2020-12-04T11:50:23Z","2025-05-02T04:10:02.691016Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,52,56,60,64,69,73,77,81],{"url":38,"sources":39,"tags":41},"https://www.suse.com/support/update/announcement/2020/suse-su-20203624-1/",[40],"osv_suse",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1005886",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://bugzilla.suse.com/1170479",[40],[47],{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/1177120",[40],[47],{"url":57,"sources":58,"tags":59},"https://bugzilla.suse.com/1178243",[40],[47],{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/1178988",[40],[47],{"url":65,"sources":66,"tags":67},"https://www.suse.com/security/cve/CVE-2016-8611",[40],[68],"WEB",{"url":70,"sources":71,"tags":72},"https://www.suse.com/security/cve/CVE-2019-20933",[40],[68],{"url":74,"sources":75,"tags":76},"https://www.suse.com/security/cve/CVE-2019-9740",[40],[68],{"url":78,"sources":79,"tags":80},"https://www.suse.com/security/cve/CVE-2020-24303",[40],[68],{"url":82,"sources":83,"tags":84},"https://www.suse.com/security/cve/CVE-2020-26137",[40],[68],[],[],[],[89,102,109,116],{"ecosystem":90,"name":91,"vendor":92,"product":93,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":93,"source":9,"versions":95},"SUSE Linux Enterprise","crowbar-openstack","suse","crowbar-openstack&distro=SUSE OpenStack Cloud 7","rpm",[96],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},"lt4_0+git_1604938545_30c10db18_9_77_1",true,"ecosystem","4.0+git.1604938545.30c10db18-9.77.1","excluding",{"ecosystem":90,"name":103,"vendor":92,"product":104,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":104,"source":9,"versions":105},"grafana","grafana&distro=SUSE OpenStack Cloud 7",[106],{"version":107,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":108,"version_end_type":101,"fixed_in":9},"lt6_7_4_1_20_1","6.7.4-1.20.1",{"ecosystem":90,"name":110,"vendor":92,"product":111,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":111,"source":9,"versions":112},"influxdb","influxdb&distro=SUSE OpenStack Cloud 7",[113],{"version":114,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":115,"version_end_type":101,"fixed_in":9},"lt1_2_4_5_1","1.2.4-5.1",{"ecosystem":90,"name":117,"vendor":92,"product":118,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":118,"source":9,"versions":119},"python-urllib3","python-urllib3&distro=SUSE OpenStack Cloud 7",[120],{"version":121,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":122,"version_end_type":101,"fixed_in":9},"lt1_16_3_12_1","1.16-3.12.1"]