[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2026:1013-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":36,"duplicates":37,"related":38,"reserved_at":9,"published_at":50,"modified_at":51,"state":9,"summary":52,"references_raw":54,"kevs":192,"epss":9,"epss_history":193,"metrics":194,"affected":195},"SUSE-SU-2026:1013-1","Security update 5.0.7 for Multi-Linux Manager Client Tools\n\nThis update fixes the following issues:\n\ndracut-saltboot:\n\n- Version update to 1.1.0:\n\n  * Retry DHCP requests up to 3 times (bsc#1253004)\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization and update\n\ngolang-github-boynux-squid_exporter:\n\n- Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes (jsc#PED-14971):\n\n  * Added compatibility for Squid 6 and support for the squid-internal-mgr metrics path\n  * Added TLS and Basic Authentication to the exporter’s web interface\n  * Added support for the exporter to authenticate against the Squid proxy itself\n  * Allow the gathering of process information without requiring root privileges\n  * The exporter can now be configured using environment variables\n  * Added support for custom labels to all exported metrics for better data filtering\n  * New metrics to track if Squid is running (squid_up), how long a scrape takes, and if any errors occurred\n  * Added 'service time' metrics to analyze proxy speed and performance.\n  * Added a metric for open file descriptors (process_open_fds) to help prevent connection bottlenecks\n  * Corrected the squid_client_http_requests_total metric to ensure accurate reporting\n\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Version update from 1.0.8 to 1.0.10:\n\n  * Updated github.com/prometheus/client_golang to 1.21.1\n  * Updated github.com/prometheus/common to 0.63.0\n  * Updated github.com/prometheus/exporter-toolkit to 0.14.0\n  * Fixed signal handler logging\n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n\n  * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)\n  * CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)\n  * CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)\n  * CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)\n  * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):\n\n  * Modernized Interface: Introduced a brand-new UI\n  * Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support\n    for more secure, native cloudauthentication.\n  * Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental\n    to a stable feature.\n  * Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending\n    data to external systems.\n  * Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping\n    operations\n  * Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier\n    to troubleshoot why targets aren't reporting correctly.\n  * Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were\n    accidentally being scraped multiple times\n\ngrafana:\n\n- Security issues fixed:\n\n  * CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled (bsc#1258136)\n  * CVE-2026-21721: Fixed access control by the dashboard permissions API (bsc#1257337)\n  * CVE-2026-21720: Fixed unauthenticated DoS (bsc#1257349)\n  * CVE-2025-68156: Fixed potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n  * CVE-2025-3415: Fixedexposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)\n\n- Version update from 11.5.10 to 11.6.11 with the following highlighted changes and fixes:\n \n  * Performance Boost: Introduced WebGL-powered geomaps for smoother map visualizations and\n    removed blurred backgrounds from UI overlays to speed up the interface\n  * One-Click Actions: Visualizations now support faster navigation via one-click links and actions\n  * Alerting History: Added version history for alert rules, allowing you to track changes over time\n  * Service Accounts: Automated the migration of old API keys to more secure Service Accounts upon startup\n  * Cron Support: Annotations now support Cron syntax for more flexible scheduling\n  * Identity and Auth: Hardened the Avatar feature (now requires sign-in) and fixed several login redirection issues\n    when Grafana is hosted on a subpath\n  * Data Source Support: Added support for Cloud Partner Prometheus data sources and improved Azure legend formatting\n  * Alerting Limits: Added size limits for expanded notification templates to prevent system strain\n  * RBAC: Integrated Role-Based Access Control (RBAC) into the Alertmanager via the reqAction field\n  * Data Consistency: Fixed several issues with Graphite and InfluxDB regarding how variables are handled in repeated\n    rows or nested queries\n  * Dashboard Reliability: Resolved bugs involving row repeats and 'self-referencing' data links\n  * Alerting Fixes: Patched a critical 'panic' (crash) caused by a race condition in alert rules and fixed issues where\n    contact points weren't working correctly\n  * URL Handling: Fixed a bug where 'true' values in URL parameters weren't being read correctly\n\nprometheus-blackbox_exporter:\n\n- Non-customer-facing optimization and update\n\nspacecmd:\n\n- Version update to 5.0.15:\n\n  * Fixed typo in spacecmd help ca-cert flag (bsc#1253174)\n  * Convert cached IDs to integer values (bsc#1251995)\n  * Fixed spacecmd binary file upload (bsc#1253659)\n\nuyuni-tools:\n\n- Version update to 0.1.38:\n\n  * Fixed cobbler configuration when migrating to standalone files (bsc#1256803)\n  * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n  * Add ssh tuning to configure sshd (bsc#1253738)\n  * Ignore supportconfig errors (bsc#1255781)\n  * Bumped the default image tag to 5.0.7\n  * Removed cgroup mount for podman containers (bsc#1253347)\n  * Registry flag can be a string (bsc#1254589)\n  * Use static supportconfig name to avoid dynamic search (bsc#1257941)\n\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34],{"_key":15},"CVE-2025-12816",{"_key":17},"CVE-2025-13465",{"_key":19},"CVE-2025-3415",{"_key":21},"CVE-2025-61140",{"_key":23},"CVE-2025-68156",{"_key":25},"CVE-2026-1615",{"_key":27},"CVE-2026-21720",{"_key":29},"CVE-2026-21721",{"_key":31},"CVE-2026-21722",{"_key":33},"CVE-2026-25547",{"_key":35},"CVE-2026-27606",[],[],[39,40,41,42,43,44,45,46,47,48,49],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},"2026-03-25T10:11:52Z","2026-03-26T09:00:33.541819Z",{"cisa_kev":53,"cisa_ransomware":53,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[55,62,67,71,75,79,83,87,91,95,99,103,107,111,115,119,123,127,131,135,139,143,147,152,156,160,164,168,172,176,180,184,188],{"url":56,"sources":57,"tags":60},"https://www.suse.com/support/update/announcement/2026/suse-su-20261013-1/",[58,59],"osv_suse","osv_opensuse",[61],"Advisory",{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1245302",[58,59],[66],"REPORT",{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/1251995",[58,59],[66],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/1253004",[58,59],[66],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/1253174",[58,59],[66],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/1253347",[58,59],[66],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/1253659",[58,59],[66],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/1253738",[58,59],[66],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/1254589",[58,59],[66],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/1255340",[58,59],[66],{"url":100,"sources":101,"tags":102},"https://bugzilla.suse.com/1255588",[58,59],[66],{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/1255781",[58,59],[66],{"url":108,"sources":109,"tags":110},"https://bugzilla.suse.com/1256803",[58,59],[66],{"url":112,"sources":113,"tags":114},"https://bugzilla.suse.com/1257329",[58,59],[66],{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/1257337",[58,59],[66],{"url":120,"sources":121,"tags":122},"https://bugzilla.suse.com/1257349",[58,59],[66],{"url":124,"sources":125,"tags":126},"https://bugzilla.suse.com/1257442",[58,59],[66],{"url":128,"sources":129,"tags":130},"https://bugzilla.suse.com/1257841",[58,59],[66],{"url":132,"sources":133,"tags":134},"https://bugzilla.suse.com/1257897",[58,59],[66],{"url":136,"sources":137,"tags":138},"https://bugzilla.suse.com/1257941",[58,59],[66],{"url":140,"sources":141,"tags":142},"https://bugzilla.suse.com/1258136",[58,59],[66],{"url":144,"sources":145,"tags":146},"https://bugzilla.suse.com/1258893",[58,59],[66],{"url":148,"sources":149,"tags":150},"https://www.suse.com/security/cve/CVE-2025-12816",[58,59],[151],"WEB",{"url":153,"sources":154,"tags":155},"https://www.suse.com/security/cve/CVE-2025-13465",[58,59],[151],{"url":157,"sources":158,"tags":159},"https://www.suse.com/security/cve/CVE-2025-3415",[58,59],[151],{"url":161,"sources":162,"tags":163},"https://www.suse.com/security/cve/CVE-2025-61140",[58,59],[151],{"url":165,"sources":166,"tags":167},"https://www.suse.com/security/cve/CVE-2025-68156",[58,59],[151],{"url":169,"sources":170,"tags":171},"https://www.suse.com/security/cve/CVE-2026-1615",[58,59],[151],{"url":173,"sources":174,"tags":175},"https://www.suse.com/security/cve/CVE-2026-21720",[58,59],[151],{"url":177,"sources":178,"tags":179},"https://www.suse.com/security/cve/CVE-2026-21721",[58,59],[151],{"url":181,"sources":182,"tags":183},"https://www.suse.com/security/cve/CVE-2026-21722",[58,59],[151],{"url":185,"sources":186,"tags":187},"https://www.suse.com/security/cve/CVE-2026-25547",[58,59],[151],{"url":189,"sources":190,"tags":191},"https://www.suse.com/security/cve/CVE-2026-27606",[58,59],[151],[],[],[],[196,209,216,223,230,237,244,251,257,261,265,269,276,280,284,288,295,299,303,307,314],{"ecosystem":197,"name":198,"vendor":199,"product":200,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":200,"source":9,"versions":202},"openSUSE","dracut-saltboot","opensuse","dracut-saltboot&distro=openSUSE Leap 15.6","rpm",[203],{"version":204,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":207,"version_end_type":208,"fixed_in":9},"lt1_1_0_150000_1_65_1",true,"ecosystem","1.1.0-150000.1.65.1","excluding",{"ecosystem":197,"name":210,"vendor":199,"product":211,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":211,"source":9,"versions":212},"golang-github-boynux-squid_exporter","golang-github-boynux-squid_exporter&distro=openSUSE Leap 15.6",[213],{"version":214,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":215,"version_end_type":208,"fixed_in":9},"lt1_13_0_150000_1_12_1","1.13.0-150000.1.12.1",{"ecosystem":197,"name":217,"vendor":199,"product":218,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":218,"source":9,"versions":219},"golang-github-lusitaniae-apache_exporter","golang-github-lusitaniae-apache_exporter&distro=openSUSE Leap 15.6",[220],{"version":221,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":222,"version_end_type":208,"fixed_in":9},"lt1_0_10_150000_1_26_1","1.0.10-150000.1.26.1",{"ecosystem":197,"name":224,"vendor":199,"product":225,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":225,"source":9,"versions":226},"golang-github-prometheus-promu","golang-github-prometheus-promu&distro=openSUSE Leap 15.6",[227],{"version":228,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":229,"version_end_type":208,"fixed_in":9},"lt0_17_0_150000_3_30_1","0.17.0-150000.3.30.1",{"ecosystem":197,"name":231,"vendor":199,"product":232,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":232,"source":9,"versions":233},"golang-github-QubitProducts-exporter_exporter","golang-github-QubitProducts-exporter_exporter&distro=openSUSE Leap 15.6",[234],{"version":235,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":236,"version_end_type":208,"fixed_in":9},"lt0_4_0_150000_1_21_1","0.4.0-150000.1.21.1",{"ecosystem":197,"name":238,"vendor":199,"product":239,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":239,"source":9,"versions":240},"prometheus-blackbox_exporter","prometheus-blackbox_exporter&distro=openSUSE Leap 15.6",[241],{"version":242,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":243,"version_end_type":208,"fixed_in":9},"lt0_26_0_150000_1_30_2","0.26.0-150000.1.30.2",{"ecosystem":197,"name":245,"vendor":199,"product":246,"cpe_part":9,"purl_type":201,"purl_namespace":199,"purl_name":246,"source":9,"versions":247},"spacecmd","spacecmd&distro=openSUSE Leap 15.6",[248],{"version":249,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":250,"version_end_type":208,"fixed_in":9},"lt5_0_15_150000_3_142_1","5.0.15-150000.3.142.1",{"ecosystem":252,"name":198,"vendor":253,"product":254,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":254,"source":9,"versions":255},"SUSE Linux Enterprise","suse","dracut-saltboot&distro=SUSE Manager Client Tools 15",[256],{"version":204,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":207,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":198,"vendor":253,"product":258,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":258,"source":9,"versions":259},"dracut-saltboot&distro=SUSE Manager Client Tools for SLE Micro 5",[260],{"version":204,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":207,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":210,"vendor":253,"product":262,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":262,"source":9,"versions":263},"golang-github-boynux-squid_exporter&distro=SUSE Manager Client Tools 15",[264],{"version":214,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":215,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":217,"vendor":253,"product":266,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":266,"source":9,"versions":267},"golang-github-lusitaniae-apache_exporter&distro=SUSE Manager Client Tools 15",[268],{"version":221,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":222,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":270,"vendor":253,"product":271,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":271,"source":9,"versions":272},"golang-github-prometheus-prometheus","golang-github-prometheus-prometheus&distro=SUSE Manager Client Tools 15",[273],{"version":274,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":275,"version_end_type":208,"fixed_in":9},"lt3_5_0_150000_3_67_1","3.5.0-150000.3.67.1",{"ecosystem":252,"name":224,"vendor":253,"product":277,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":277,"source":9,"versions":278},"golang-github-prometheus-promu&distro=SUSE Linux Enterprise Module for Package Hub 15 SP7",[279],{"version":228,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":229,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":231,"vendor":253,"product":281,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":281,"source":9,"versions":282},"golang-github-QubitProducts-exporter_exporter&distro=SUSE Manager Client Tools 15",[283],{"version":235,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":236,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":231,"vendor":253,"product":285,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":285,"source":9,"versions":286},"golang-github-QubitProducts-exporter_exporter&distro=SUSE Manager Client Tools for SLE Micro 5",[287],{"version":235,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":236,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":289,"vendor":253,"product":290,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":290,"source":9,"versions":291},"grafana","grafana&distro=SUSE Manager Client Tools 15",[292],{"version":293,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":294,"version_end_type":208,"fixed_in":9},"lt11_6_11_150000_1_90_1","11.6.11-150000.1.90.1",{"ecosystem":252,"name":238,"vendor":253,"product":296,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":296,"source":9,"versions":297},"prometheus-blackbox_exporter&distro=SUSE Manager Client Tools 15",[298],{"version":242,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":243,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":238,"vendor":253,"product":300,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":300,"source":9,"versions":301},"prometheus-blackbox_exporter&distro=SUSE Manager Client Tools for SLE Micro 5",[302],{"version":242,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":243,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":245,"vendor":253,"product":304,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":304,"source":9,"versions":305},"spacecmd&distro=SUSE Manager Client Tools 15",[306],{"version":249,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":250,"version_end_type":208,"fixed_in":9},{"ecosystem":252,"name":308,"vendor":253,"product":309,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":309,"source":9,"versions":310},"uyuni-tools","uyuni-tools&distro=SUSE Manager Client Tools 15",[311],{"version":312,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":313,"version_end_type":208,"fixed_in":9},"lt0_1_38_150000_1_30_1","0.1.38-150000.1.30.1",{"ecosystem":252,"name":308,"vendor":253,"product":315,"cpe_part":9,"purl_type":201,"purl_namespace":253,"purl_name":315,"source":9,"versions":316},"uyuni-tools&distro=SUSE Manager Client Tools for SLE Micro 5",[317],{"version":312,"is_range":205,"range_type":206,"version_start":9,"version_start_type":9,"version_end":313,"version_end_type":208,"fixed_in":9}]