[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2022:3338-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":28,"duplicates":29,"related":30,"reserved_at":9,"published_at":38,"modified_at":39,"state":9,"summary":40,"references_raw":42,"kevs":103,"epss":9,"epss_history":104,"metrics":105,"affected":106},"SUSE-SU-2022:3338-1","Security update for ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma\n\nThis update for ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma fixes the following issues:\n\nSecurity updates included on this update:\n\nardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, rabbitmq-server:\n- CVE-2020-1734: Fixed vulnerability where shell was enabled by default in a pipe lookup plugin subprocess. (SOC-11662, bnc#1164139)\n- CVE-2021-44716: Fixed uncontrolled memory consumption in go's net/http. (bsc#1193597)\n- CVE-2019-11287: Fixed DoS via 'X-Reason' HTTP Header in malicious Erlang format string. (bsc#1157665)\n\ngrafana:\n- CVE-2021-39226: Fixed snapshot authentication bypass (bsc#1191454).\n- CVE-2021-44716: Fixed uncontrolled memory consumption in go's net/http (bsc#1193597).\n\npython-Django:\n- CVE-2022-28346: Fixed vulnerability that could lead to SQL injection in QuerySet.annotate(),aggregate() and extra(). (bsc#1198398)\n- CVE-2022-34265: Fixed vulnerability that could lead to SQL injection via Trunc(kind) and Extract(lookup_name) arguments. (bsc#1201186)\n\nrubygem puma:\n- CVE-2022-24790: Fixed HTTP request smuggling vulnerability. (bsc#1197818)\n\nAdditional information about the this update:\n\nChanges in ardana-ansible:\n- Update to version 8.0+git.1660773729.3789a6d:\n  * Mitigate CVE-2020-1734 (SOC-11662)\n\nChanges in ardana-cobbler:\n- Update to version 8.0+git.1660773402.d845a45:\n  * Mitigate CVE-2020-1734 (SOC-11662)\n\nChanges in grafana:\n- Add CVE-2021-39226 patch (bsc#1191454, CVE-2021-39226)\n  * snapshot authentication bypass\n\n- Bump Go to 1.16 (bsc#1193597, CVE-2021-44716)\n  * Fix Go net/http: limit growth of header canonicalization cache.\n\nChanges in openstack-heat-templates:\n- Update to version 0.0.0+git.1654529662.75fa04a:\n  * doc: Comment out language option\n\nChanges in openstack-murano:\n- Update to version murano-4.0.2.dev3:\n  * [stable-only] Remove periodic-stable-jobs template\n\nChanges in openstack-murano:\n- Update to version murano-4.0.2.dev3:\n  * [stable-only] Remove periodic-stable-jobs template\n\nChanges in rabbitmq-server:\n- add explanation-format patch to fix CVE-2019-11287 (bsc#1157665)\n\nChanges in python-Django:\n- Rename Django-1.11.29.tar.gz.asc to Django-1.11.29.tar.gz.checksums.txt\n  to avoid source_validator incorrectly trying to use it as a detached\n  signature file for the sources tarball.\n- Remove unnecessary project.diff file.\n\n- Add CVE-2022-28346 patch (bsc#1198398, CVE-2022-28346)\n    * Potential SQL injection in QuerySet.annotate(),aggregate() and extra()\n- Add CVE-2022-34265 patch (bsc#1201186, CVE-2022-34265)\n    * SQL injection via Trunc(kind) and Extract(lookup_name) arguments\n\nChanges in rubygem-puma:\n- Add CVE-2022-24790: Fixed HTTP request smuggling vulnerability (bsc#1197818).\n\n  ",null,[],[],[],[14,16,18,20,22,24,26],{"_key":15},"CVE-2019-11287",{"_key":17},"CVE-2020-1734",{"_key":19},"CVE-2021-39226",{"_key":21},"CVE-2021-44716",{"_key":23},"CVE-2022-24790",{"_key":25},"CVE-2022-28346",{"_key":27},"CVE-2022-34265",[],[],[31,32,33,34,35,36,37],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},"2022-09-22T14:15:54Z","2026-02-04T04:24:21.060845Z",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[43,49,54,58,62,66,70,74,79,83,87,91,95,99],{"url":44,"sources":45,"tags":47},"https://www.suse.com/support/update/announcement/2022/suse-su-20223338-1/",[46],"osv_suse",[48],"Advisory",{"url":50,"sources":51,"tags":52},"https://bugzilla.suse.com/1157665",[46],[53],"REPORT",{"url":55,"sources":56,"tags":57},"https://bugzilla.suse.com/1191454",[46],[53],{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1193597",[46],[53],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1197818",[46],[53],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1198398",[46],[53],{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1201186",[46],[53],{"url":75,"sources":76,"tags":77},"https://www.suse.com/security/cve/CVE-2019-11287",[46],[78],"WEB",{"url":80,"sources":81,"tags":82},"https://www.suse.com/security/cve/CVE-2020-1734",[46],[78],{"url":84,"sources":85,"tags":86},"https://www.suse.com/security/cve/CVE-2021-39226",[46],[78],{"url":88,"sources":89,"tags":90},"https://www.suse.com/security/cve/CVE-2021-44716",[46],[78],{"url":92,"sources":93,"tags":94},"https://www.suse.com/security/cve/CVE-2022-24790",[46],[78],{"url":96,"sources":97,"tags":98},"https://www.suse.com/security/cve/CVE-2022-28346",[46],[78],{"url":100,"sources":101,"tags":102},"https://www.suse.com/security/cve/CVE-2022-34265",[46],[78],[],[],[],[107,120,124,131,135,142,146,150,157,161,165,172,176,180,185,189,193,200,204,208,215,219,223,230,237,241,248,253,260],{"ecosystem":108,"name":109,"vendor":110,"product":111,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":111,"source":9,"versions":113},"SUSE Linux Enterprise","ardana-ansible","suse","ardana-ansible&distro=HPE Helion OpenStack 8","rpm",[114],{"version":115,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":118,"version_end_type":119,"fixed_in":9},"lt8_0+git_1660773729_3789a6d_3_85_1",true,"ecosystem","8.0+git.1660773729.3789a6d-3.85.1","excluding",{"ecosystem":108,"name":109,"vendor":110,"product":121,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":121,"source":9,"versions":122},"ardana-ansible&distro=SUSE OpenStack Cloud 8",[123],{"version":115,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":118,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":125,"vendor":110,"product":126,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":126,"source":9,"versions":127},"ardana-cobbler","ardana-cobbler&distro=HPE Helion OpenStack 8",[128],{"version":129,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":130,"version_end_type":119,"fixed_in":9},"lt8_0+git_1660773402_d845a45_3_47_1","8.0+git.1660773402.d845a45-3.47.1",{"ecosystem":108,"name":125,"vendor":110,"product":132,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":132,"source":9,"versions":133},"ardana-cobbler&distro=SUSE OpenStack Cloud 8",[134],{"version":129,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":130,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":136,"vendor":110,"product":137,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":137,"source":9,"versions":138},"grafana","grafana&distro=HPE Helion OpenStack 8",[139],{"version":140,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":141,"version_end_type":119,"fixed_in":9},"lt6_7_4_4_23_1","6.7.4-4.23.1",{"ecosystem":108,"name":136,"vendor":110,"product":143,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":143,"source":9,"versions":144},"grafana&distro=SUSE OpenStack Cloud 8",[145],{"version":140,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":141,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":136,"vendor":110,"product":147,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":147,"source":9,"versions":148},"grafana&distro=SUSE OpenStack Cloud Crowbar 8",[149],{"version":140,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":141,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":151,"vendor":110,"product":152,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":152,"source":9,"versions":153},"openstack-heat-templates","openstack-heat-templates&distro=HPE Helion OpenStack 8",[154],{"version":155,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":156,"version_end_type":119,"fixed_in":9},"lt0_0_0+git_1654529662_75fa04a_3_27_1","0.0.0+git.1654529662.75fa04a-3.27.1",{"ecosystem":108,"name":151,"vendor":110,"product":158,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":158,"source":9,"versions":159},"openstack-heat-templates&distro=SUSE OpenStack Cloud 8",[160],{"version":155,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":156,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":151,"vendor":110,"product":162,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":162,"source":9,"versions":163},"openstack-heat-templates&distro=SUSE OpenStack Cloud Crowbar 8",[164],{"version":155,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":156,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":166,"vendor":110,"product":167,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":167,"source":9,"versions":168},"openstack-murano-doc","openstack-murano-doc&distro=HPE Helion OpenStack 8",[169],{"version":170,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":119,"fixed_in":9},"lt4_0_2~dev3_3_12_1","4.0.2~dev3-3.12.1",{"ecosystem":108,"name":166,"vendor":110,"product":173,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":173,"source":9,"versions":174},"openstack-murano-doc&distro=SUSE OpenStack Cloud 8",[175],{"version":170,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":166,"vendor":110,"product":177,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":177,"source":9,"versions":178},"openstack-murano-doc&distro=SUSE OpenStack Cloud Crowbar 8",[179],{"version":170,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":181,"vendor":110,"product":182,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":182,"source":9,"versions":183},"openstack-murano","openstack-murano&distro=HPE Helion OpenStack 8",[184],{"version":170,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":181,"vendor":110,"product":186,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":186,"source":9,"versions":187},"openstack-murano&distro=SUSE OpenStack Cloud 8",[188],{"version":170,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":181,"vendor":110,"product":190,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":190,"source":9,"versions":191},"openstack-murano&distro=SUSE OpenStack Cloud Crowbar 8",[192],{"version":170,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":194,"vendor":110,"product":195,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":195,"source":9,"versions":196},"python-Django","python-Django&distro=HPE Helion OpenStack 8",[197],{"version":198,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":119,"fixed_in":9},"lt1_11_29_3_42_1","1.11.29-3.42.1",{"ecosystem":108,"name":194,"vendor":110,"product":201,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":201,"source":9,"versions":202},"python-Django&distro=SUSE OpenStack Cloud 8",[203],{"version":198,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":194,"vendor":110,"product":205,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":205,"source":9,"versions":206},"python-Django&distro=SUSE OpenStack Cloud Crowbar 8",[207],{"version":198,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":209,"vendor":110,"product":210,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":210,"source":9,"versions":211},"rabbitmq-server","rabbitmq-server&distro=HPE Helion OpenStack 8",[212],{"version":213,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":214,"version_end_type":119,"fixed_in":9},"lt3_6_16_3_13_1","3.6.16-3.13.1",{"ecosystem":108,"name":209,"vendor":110,"product":216,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":216,"source":9,"versions":217},"rabbitmq-server&distro=SUSE OpenStack Cloud 8",[218],{"version":213,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":214,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":209,"vendor":110,"product":220,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":220,"source":9,"versions":221},"rabbitmq-server&distro=SUSE OpenStack Cloud Crowbar 8",[222],{"version":213,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":214,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":224,"vendor":110,"product":225,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":225,"source":9,"versions":226},"rubygem-puma","rubygem-puma&distro=SUSE OpenStack Cloud Crowbar 8",[227],{"version":228,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":229,"version_end_type":119,"fixed_in":9},"lt2_16_0_3_18_1","2.16.0-3.18.1",{"ecosystem":108,"name":231,"vendor":110,"product":232,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":232,"source":9,"versions":233},"venv-openstack-heat","venv-openstack-heat&distro=HPE Helion OpenStack 8",[234],{"version":235,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":236,"version_end_type":119,"fixed_in":9},"lt9_0_8~dev22_12_45_1","9.0.8~dev22-12.45.1",{"ecosystem":108,"name":231,"vendor":110,"product":238,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":238,"source":9,"versions":239},"venv-openstack-heat&distro=SUSE OpenStack Cloud 8",[240],{"version":235,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":236,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":242,"vendor":110,"product":243,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":243,"source":9,"versions":244},"venv-openstack-horizon-hpe","venv-openstack-horizon-hpe&distro=HPE Helion OpenStack 8",[245],{"version":246,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":247,"version_end_type":119,"fixed_in":9},"lt12_0_5~dev6_14_48_1","12.0.5~dev6-14.48.1",{"ecosystem":108,"name":249,"vendor":110,"product":250,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":250,"source":9,"versions":251},"venv-openstack-horizon","venv-openstack-horizon&distro=SUSE OpenStack Cloud 8",[252],{"version":246,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":247,"version_end_type":119,"fixed_in":9},{"ecosystem":108,"name":254,"vendor":110,"product":255,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":255,"source":9,"versions":256},"venv-openstack-murano","venv-openstack-murano&distro=HPE Helion OpenStack 8",[257],{"version":258,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":259,"version_end_type":119,"fixed_in":9},"lt4_0_2~dev3_12_38_1","4.0.2~dev3-12.38.1",{"ecosystem":108,"name":254,"vendor":110,"product":261,"cpe_part":9,"purl_type":112,"purl_namespace":110,"purl_name":261,"source":9,"versions":262},"venv-openstack-murano&distro=SUSE OpenStack Cloud 8",[263],{"version":258,"is_range":116,"range_type":117,"version_start":9,"version_start_type":9,"version_end":259,"version_end_type":119,"fixed_in":9}]