[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:01987-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":142,"epss":9,"epss_history":143,"metrics":144,"affected":145},"SUSE-SU-2025:01987-1","Security update for Multi-Linux Manager Client Tools\n\nThis update fixes the following issues:\n\ngolang-github-prometheus-prometheus was updated to version 2.53.4:\n    \n- Security issues fixed:\n  * CVE-2023-45288: Require Go >= 1.23 for building (bsc#1236516)\n  * CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 (bsc#1238686)\n\n- Other bugs fixes from version 2.53.4:   \n  * Runtime: fixed GOGC being set to 0 when installed\n    with empty prometheus.yml file resulting high cpu usage\n  * Scrape: fixed dropping valid metrics after previous\n    scrape failed\n    \nprometheus-blackbox_exporter was updated from version 0.24.0 to 0.26.0 (jsc#PED-12872):   \n\n- Security issues fixed:\n  * CVE-2025-22870: Fixed proxy bypassing using IPv6 zone IDs (bsc#1238680)\n  * CVE-2023-45288: Fixed closing connections when receiving too many headers (bsc#1236515)\n\n- Other changes from version 0.26.0:\n  * Changes:\n    + Replace go-kit/log with log/slog module.\n  * Features:\n    + Add metric to record tls ciphersuite negotiated during\n      handshake.\n    + Add a way to export labels with content matched by the probe.\n      Reports Certificate Serial number.\n  * Enhancement:\n    + Add stale workflow to start sync with stale.yaml in Prometheus.\n  * Bug fixes:\n    + Only register grpc TLS metrics on successful handshake.\n\n- Other changes from version 0.25.0:\n  * Features:\n    + Allow to get Probe logs by target.\n    + Log errors from probe.\n  * Bug fixes:\n    + Prevent logging confusing error message.\n    + Explicit registration of internal exporter metrics.\n\ngrafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):\n\n- Security issues fixed:\n  * CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).\n  * CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)\n  * CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).\n  * CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.\n  * CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).\n  * CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).\n  * CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).\n  * CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)\n  * CVE-2024-9264: SQL Expressions (bsc#1231844)\n  * CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)\n  * CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)\n\n- Potential breaking changes in version 11.5.0:\n  * Loki: Default to /labels API with query param instead of /series API.\n\n- Potential breaking changes in version 11.0.1:\n  * If you had selected your language as 'Portugu�s Brasileiro'\n    previously, this will be reset. You have to select it again in\n    your Preferences for the fix to be applied and the translations\n    will then be shown.\n\n- Potential breaking changes in version 11.0.0:\n  * AngularJS support is turned off by default.\n  * Legacy alerting is entirely removed.\n  * Subfolders cause very rare issues with folders which have\n    slashes in their names.\n  * The input data source is removed.\n  * Data sources: Responses which are associated with hidden\n    queries will be removed (filtered) by Grafana.\n  * The URL which is generated when viewing an individual repeated\n    panel has changed.\n  * React Router is deprecated.\n  * The grafana/e2e testing tool is deprecated.\n    \n- This update brings many new features, enhancements and fixes highlighted at:\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/\n    \ngolang-github-prometheus-node_exporter was updated to version 1.9.1:\n    \n- Security issues fixed:\n  * CVE-2025-22870: Bumped golang.org/x/net to version 0.37.0 (bsc#1238686)\n   \n- Other changes from version 1.9.1:\n  * pressure: Fix missing IRQ on older kernels\n  * Fix Darwin memory leak\n    \ngolang-github-prometheus-alertmanager:\n    \n- Security issues fixed: \n  * CVE-2025-22870: Fix proxy bypassing using IPv6 zone IDs (bsc#1238686)\n  * CVE-2023-45288: Fix HTTP/2 CONTINUATION flood in net/http (bsc#1236516)\n  ",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2023-45288",{"_key":17},"CVE-2024-9264",{"_key":19},"CVE-2024-9476",{"_key":21},"CVE-2025-22870",{"_key":23},"CVE-2025-22872",{"_key":25},"CVE-2025-2703",{"_key":27},"CVE-2025-29923",{"_key":29},"CVE-2025-3454",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2025-06-18T02:09:10Z","2026-02-04T02:32:42.592727Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,61,65,69,73,77,81,85,89,93,97,101,105,109,114,118,122,126,130,134,138],{"url":47,"sources":48,"tags":50},"https://www.suse.com/support/update/announcement/2025/suse-su-202501987-1/",[49],"osv_suse",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/1208752",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/1231844",[49],[56],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1233343",[49],[56],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/1236510",[49],[56],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/1236515",[49],[56],{"url":74,"sources":75,"tags":76},"https://bugzilla.suse.com/1236516",[49],[56],{"url":78,"sources":79,"tags":80},"https://bugzilla.suse.com/1238680",[49],[56],{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/1238686",[49],[56],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/1238703",[49],[56],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/1241683",[49],[56],{"url":94,"sources":95,"tags":96},"https://bugzilla.suse.com/1241687",[49],[56],{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/1241809",[49],[56],{"url":102,"sources":103,"tags":104},"https://bugzilla.suse.com/1243672",[49],[56],{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/1243714",[49],[56],{"url":110,"sources":111,"tags":112},"https://www.suse.com/security/cve/CVE-2023-45288",[49],[113],"WEB",{"url":115,"sources":116,"tags":117},"https://www.suse.com/security/cve/CVE-2024-9264",[49],[113],{"url":119,"sources":120,"tags":121},"https://www.suse.com/security/cve/CVE-2024-9476",[49],[113],{"url":123,"sources":124,"tags":125},"https://www.suse.com/security/cve/CVE-2025-22870",[49],[113],{"url":127,"sources":128,"tags":129},"https://www.suse.com/security/cve/CVE-2025-22872",[49],[113],{"url":131,"sources":132,"tags":133},"https://www.suse.com/security/cve/CVE-2025-2703",[49],[113],{"url":135,"sources":136,"tags":137},"https://www.suse.com/security/cve/CVE-2025-29923",[49],[113],{"url":139,"sources":140,"tags":141},"https://www.suse.com/security/cve/CVE-2025-3454",[49],[113],[],[],[],[146,159,166,170,174,181,188],{"ecosystem":147,"name":148,"vendor":149,"product":150,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":150,"source":9,"versions":152},"SUSE Linux Enterprise","golang-github-prometheus-alertmanager","suse","golang-github-prometheus-alertmanager&distro=SUSE Manager Client Tools 12","rpm",[153],{"version":154,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":157,"version_end_type":158,"fixed_in":9},"lt0_26_0_1_31_2",true,"ecosystem","0.26.0-1.31.2","excluding",{"ecosystem":147,"name":160,"vendor":149,"product":161,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":161,"source":9,"versions":162},"golang-github-prometheus-node_exporter","golang-github-prometheus-node_exporter&distro=SUSE Linux Enterprise Server 12 SP5-LTSS",[163],{"version":164,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":165,"version_end_type":158,"fixed_in":9},"lt1_9_1_1_36_2","1.9.1-1.36.2",{"ecosystem":147,"name":160,"vendor":149,"product":167,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":167,"source":9,"versions":168},"golang-github-prometheus-node_exporter&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",[169],{"version":164,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":165,"version_end_type":158,"fixed_in":9},{"ecosystem":147,"name":160,"vendor":149,"product":171,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":171,"source":9,"versions":172},"golang-github-prometheus-node_exporter&distro=SUSE Manager Client Tools 12",[173],{"version":164,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":165,"version_end_type":158,"fixed_in":9},{"ecosystem":147,"name":175,"vendor":149,"product":176,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":176,"source":9,"versions":177},"golang-github-prometheus-prometheus","golang-github-prometheus-prometheus&distro=SUSE Manager Client Tools 12",[178],{"version":179,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":180,"version_end_type":158,"fixed_in":9},"lt2_53_4_1_60_2","2.53.4-1.60.2",{"ecosystem":147,"name":182,"vendor":149,"product":183,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":183,"source":9,"versions":184},"grafana","grafana&distro=SUSE Manager Client Tools 12",[185],{"version":186,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":187,"version_end_type":158,"fixed_in":9},"lt11_5_5_1_79_2","11.5.5-1.79.2",{"ecosystem":147,"name":189,"vendor":149,"product":190,"cpe_part":9,"purl_type":151,"purl_namespace":149,"purl_name":190,"source":9,"versions":191},"prometheus-blackbox_exporter","prometheus-blackbox_exporter&distro=SUSE Manager Client Tools 12",[192],{"version":193,"is_range":155,"range_type":156,"version_start":9,"version_start_type":9,"version_end":194,"version_end_type":158,"fixed_in":9},"lt0_26_0_1_27_1","0.26.0-1.27.1"]