[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:01989-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":143,"epss":9,"epss_history":144,"metrics":145,"affected":146},"SUSE-SU-2025:01989-1","Security update for Multi-Linux Manager Client Tools\n\nThis update fixes the following issues:\n\ngolang-github-prometheus-prometheus was updated to version 2.53.4:\n    \n- Security issues fixed:\n  * CVE-2023-45288: Require Go >= 1.23 for building (bsc#1236516)\n  * CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 (bsc#1238686)\n\n- Other bugs fixes from version 2.53.4:   \n  * Runtime: fixed GOGC being set to 0 when installed\n    with empty prometheus.yml file resulting high cpu usage\n  * Scrape: fixed dropping valid metrics after previous\n    scrape failed\n    \nprometheus-blackbox_exporter was updated from version 0.24.0 to 0.26.0 (jsc#PED-12872):   \n\n- Security issues fixed:\n  * CVE-2025-22870: Fixed proxy bypassing using IPv6 zone IDs (bsc#1238680)\n  * CVE-2023-45288: Fixed closing connections when receiving too many headers (bsc#1236515)\n\n- Other changes from version 0.26.0:\n  * Changes:\n    + Replace go-kit/log with log/slog module.\n  * Features:\n    + Add metric to record tls ciphersuite negotiated during\n      handshake.\n    + Add a way to export labels with content matched by the probe.\n      Reports Certificate Serial number.\n  * Enhancement:\n    + Add stale workflow to start sync with stale.yaml in Prometheus.\n  * Bug fixes:\n    + Only register grpc TLS metrics on successful handshake.\n\n- Other changes from version 0.25.0:\n  * Features:\n    + Allow to get Probe logs by target.\n    + Log errors from probe.\n  * Bug fixes:\n    + Prevent logging confusing error message.\n    + Explicit registration of internal exporter metrics.\n\ngrafana was updated from version 10.4.15 to 11.5.5 (jsc#PED-12918):\n\n- Security issues fixed:\n  * CVE-2025-4123: Fix cross-site scripting vulnerability (bsc#1243714).\n  * CVE-2025-22872: Bump golang.org/x/net/html (bsc#1241809)\n  * CVE-2025-3580: Prevent unauthorized server admin deletion (bsc#1243672).\n  * CVE-2025-29923: Bump github.com/redis/go-redis/v9 to 9.6.3.\n  * CVE-2025-3454: Sanitize paths before evaluating access to route (bsc#1241683).\n  * CVE-2025-2703: Fix built-in XY Chart plugin (bsc#1241687).\n  * CVE-2025-22870: Bump golang.org/x/net (bsc#1238703).\n  * CVE-2024-9476: Fix Migration Assistant issue (bsc#1233343)\n  * CVE-2024-9264: SQL Expressions (bsc#1231844)\n  * CVE-2023-45288: Bump golang.org/x/net (bsc#1236510)\n  * CVE-2025-22870: Bump golang.org/x/net to version 0.37.0 (bsc#1238686)\n\n- Potential breaking changes in version 11.5.0:\n  * Loki: Default to /labels API with query param instead of /series API.\n\n- Potential breaking changes in version 11.0.1:\n  * If you had selected your language as 'Portugu�s Brasileiro'\n    previously, this will be reset. You have to select it again in\n    your Preferences for the fix to be applied and the translations\n    will then be shown.\n\n- Potential breaking changes in version 11.0.0:\n  * AngularJS support is turned off by default.\n  * Legacy alerting is entirely removed.\n  * Subfolders cause very rare issues with folders which have\n    slashes in their names.\n  * The input data source is removed.\n  * Data sources: Responses which are associated with hidden\n    queries will be removed (filtered) by Grafana.\n  * The URL which is generated when viewing an individual repeated\n    panel has changed.\n  * React Router is deprecated.\n  * The grafana/e2e testing tool is deprecated.\n    \n- This update brings many new features, enhancements and fixes highlighted at:\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-5/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-4/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-3/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-2/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-1/\n  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v11-0/\n  ",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2023-45288",{"_key":17},"CVE-2024-9264",{"_key":19},"CVE-2024-9476",{"_key":21},"CVE-2025-22870",{"_key":23},"CVE-2025-22872",{"_key":25},"CVE-2025-2703",{"_key":27},"CVE-2025-29923",{"_key":29},"CVE-2025-3454",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2025-06-18T02:11:23Z","2026-02-04T04:25:33.956214Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,53,58,62,66,70,74,78,82,86,90,94,98,102,106,110,115,119,123,127,131,135,139],{"url":47,"sources":48,"tags":51},"https://www.suse.com/support/update/announcement/2025/suse-su-202501989-1/",[49,50],"osv_suse","osv_opensuse",[52],"Advisory",{"url":54,"sources":55,"tags":56},"https://bugzilla.suse.com/1208752",[49,50],[57],"REPORT",{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1231844",[49,50],[57],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1233343",[49,50],[57],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1236510",[49,50],[57],{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1236515",[49,50],[57],{"url":75,"sources":76,"tags":77},"https://bugzilla.suse.com/1236516",[49,50],[57],{"url":79,"sources":80,"tags":81},"https://bugzilla.suse.com/1238680",[49,50],[57],{"url":83,"sources":84,"tags":85},"https://bugzilla.suse.com/1238686",[49,50],[57],{"url":87,"sources":88,"tags":89},"https://bugzilla.suse.com/1238703",[49,50],[57],{"url":91,"sources":92,"tags":93},"https://bugzilla.suse.com/1241683",[49,50],[57],{"url":95,"sources":96,"tags":97},"https://bugzilla.suse.com/1241687",[49,50],[57],{"url":99,"sources":100,"tags":101},"https://bugzilla.suse.com/1241809",[49,50],[57],{"url":103,"sources":104,"tags":105},"https://bugzilla.suse.com/1243672",[49,50],[57],{"url":107,"sources":108,"tags":109},"https://bugzilla.suse.com/1243714",[49,50],[57],{"url":111,"sources":112,"tags":113},"https://www.suse.com/security/cve/CVE-2023-45288",[49,50],[114],"WEB",{"url":116,"sources":117,"tags":118},"https://www.suse.com/security/cve/CVE-2024-9264",[49,50],[114],{"url":120,"sources":121,"tags":122},"https://www.suse.com/security/cve/CVE-2024-9476",[49,50],[114],{"url":124,"sources":125,"tags":126},"https://www.suse.com/security/cve/CVE-2025-22870",[49,50],[114],{"url":128,"sources":129,"tags":130},"https://www.suse.com/security/cve/CVE-2025-22872",[49,50],[114],{"url":132,"sources":133,"tags":134},"https://www.suse.com/security/cve/CVE-2025-2703",[49,50],[114],{"url":136,"sources":137,"tags":138},"https://www.suse.com/security/cve/CVE-2025-29923",[49,50],[114],{"url":140,"sources":141,"tags":142},"https://www.suse.com/security/cve/CVE-2025-3454",[49,50],[114],[],[],[],[147,160,169,176,180,184],{"ecosystem":148,"name":149,"vendor":150,"product":151,"cpe_part":9,"purl_type":152,"purl_namespace":150,"purl_name":151,"source":9,"versions":153},"openSUSE","prometheus-blackbox_exporter","opensuse","prometheus-blackbox_exporter&distro=openSUSE Leap 15.6","rpm",[154],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},"lt0_26_0_150000_1_27_1",true,"ecosystem","0.26.0-150000.1.27.1","excluding",{"ecosystem":161,"name":162,"vendor":163,"product":164,"cpe_part":9,"purl_type":152,"purl_namespace":163,"purl_name":164,"source":9,"versions":165},"SUSE Linux Enterprise","golang-github-prometheus-prometheus","suse","golang-github-prometheus-prometheus&distro=SUSE Manager Client Tools 15",[166],{"version":167,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":168,"version_end_type":159,"fixed_in":9},"lt2_53_4_150000_3_62_2","2.53.4-150000.3.62.2",{"ecosystem":161,"name":170,"vendor":163,"product":171,"cpe_part":9,"purl_type":152,"purl_namespace":163,"purl_name":171,"source":9,"versions":172},"grafana","grafana&distro=SUSE Manager Client Tools 15",[173],{"version":174,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":175,"version_end_type":159,"fixed_in":9},"lt11_5_5_150000_1_79_1","11.5.5-150000.1.79.1",{"ecosystem":161,"name":149,"vendor":163,"product":177,"cpe_part":9,"purl_type":152,"purl_namespace":163,"purl_name":177,"source":9,"versions":178},"prometheus-blackbox_exporter&distro=SUSE Manager Client Tools 15",[179],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":161,"name":149,"vendor":163,"product":181,"cpe_part":9,"purl_type":152,"purl_namespace":163,"purl_name":181,"source":9,"versions":182},"prometheus-blackbox_exporter&distro=SUSE Manager Client Tools for SLE Micro 5",[183],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9},{"ecosystem":161,"name":149,"vendor":163,"product":185,"cpe_part":9,"purl_type":152,"purl_namespace":163,"purl_name":185,"source":9,"versions":186},"prometheus-blackbox_exporter&distro=SUSE Manager Proxy Module 4.3",[187],{"version":155,"is_range":156,"range_type":157,"version_start":9,"version_start_type":9,"version_end":158,"version_end_type":159,"fixed_in":9}]