suse-su-2023:3875-1
Vulnerability from csaf_suse
Published
2023-09-28 11:45
Modified
2023-09-28 11:45
Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-lusitaniae-apache_exporter:
- Security issues fixed:
* CVE-2022-32149: Fix denial of service vulnerability (bsc#1204501)
* CVE-2022-41723: Fix uncontrolled resource consumption (bsc#1208270)
* CVE-2022-46146: Fix authentication bypass vulnarability (bsc#1208046)
- Changes and bugs fixed:
* Updated to 1.0.0 (jsc#PED-5405)
+ Improved flag parsing
+ Added support for custom headers
* Changes from 0.13.1
+ Fix panic caused by missing flagConfig options
* Changes from 0.11.0 (jsc#SLE-24791)
+ Add TLS support
+ Switch to logger, please check --log.level and --log.format flags
* Changes from 0.10.1
+ Bugfix: Reset ProxyBalancer metrics on each scrape to
remove stale data
* Changes from 0.10.0
+ Add Apache Proxy and other metrics
* Changes from 0.8.0
+ Change commandline flags
+ Add metrics: Apache version, request duration total
* Changes from 0.7.0
+ Handle OS TERM signals
* Changes from 0.6.0
+ Add option to override host name
* Added support for Red Hat Enterprise Linux
* Added AppArmor profile
* Added sandboxing options to systemd service unit
* Build using promu
* Build with Go 1.19
* Exclude s390 architecture
golang-github-prometheus-node_exporter:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.
golang-github-QubitProducts-exporter_exporter:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.
prometheus-postgres_exporter:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.
scap-security-guide:
- Updated to 0.1.69 (jsc#ECO-3319)
- Introduce a JSON build manifest
- Introduce a script to compare ComplianceAsCode versions
- Introduce CCN profiles for Red Hat Enterprise Linux 9
- Map rules to components
- products/anolis23: supports Anolis OS 23
- Render components to HTML
- Store rendered control files
- Test and use rules to components mapping
- Use distributed product properties
- Revert patch that breaks the SLE hardening (bsc#1213691)
- Changes from 0.1.68 (jsc#ECO-3319)
- Bump OL8 STIG version to V1R6
- Introduce a Product class, make the project work with it
- Introduce Fedora and Firefox CaC profiles for common workstation users
- OL7 DISA STIG v2r11 update
- Publish rendered policy artifacts
- Update ANSSI BP-028 to version 2.0
- Changes from 0.1.67 (jsc#ECO-3319)
- Add utils/controlrefcheck.py
- Red Hat Enterprise Linux 9 STIG Update Q1 2023
- Include warning for NetworkManager keyfiles in Red Hat Enterprise Linux 9
- OL7 stig v2r10 update
- Bump version of OL8 STIG to V1R5
- Various enhancements to SLE profiles
spacecmd:
- Updated to 4.3.23-1
* Update translation strings
Patchnames
SUSE-2023-3875,SUSE-EL-9-CLIENT-TOOLS-2023-3875
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Security issues fixed:\n * CVE-2022-32149: Fix denial of service vulnerability (bsc#1204501)\n * CVE-2022-41723: Fix uncontrolled resource consumption (bsc#1208270)\n * CVE-2022-46146: Fix authentication bypass vulnarability (bsc#1208046)\n- Changes and bugs fixed:\n * Updated to 1.0.0 (jsc#PED-5405)\n + Improved flag parsing\n + Added support for custom headers\n * Changes from 0.13.1\n + Fix panic caused by missing flagConfig options\n * Changes from 0.11.0 (jsc#SLE-24791)\n + Add TLS support\n + Switch to logger, please check --log.level and --log.format flags\n * Changes from 0.10.1\n + Bugfix: Reset ProxyBalancer metrics on each scrape to\n remove stale data\n * Changes from 0.10.0\n + Add Apache Proxy and other metrics\n * Changes from 0.8.0\n + Change commandline flags\n + Add metrics: Apache version, request duration total\n * Changes from 0.7.0\n + Handle OS TERM signals\n * Changes from 0.6.0\n + Add option to override host name\n * Added support for Red Hat Enterprise Linux\n * Added AppArmor profile\n * Added sandboxing options to systemd service unit\n * Build using promu\n * Build with Go 1.19\n * Exclude s390 architecture\n\ngolang-github-prometheus-node_exporter:\n\n- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server\n while validating signatures for extremely large RSA keys. (bsc#1213880)\n There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server\n while validating signatures for extremely large RSA keys. (bsc#1213880)\n There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.\n\nprometheus-postgres_exporter:\n\n- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server\n while validating signatures for extremely large RSA keys. (bsc#1213880)\n There are no direct source changes. The CVE is fixed rebuilding the sources with the patched Go version.\n\nscap-security-guide:\n\n- Updated to 0.1.69 (jsc#ECO-3319)\n - Introduce a JSON build manifest\n - Introduce a script to compare ComplianceAsCode versions\n - Introduce CCN profiles for Red Hat Enterprise Linux 9\n - Map rules to components\n - products/anolis23: supports Anolis OS 23\n - Render components to HTML\n - Store rendered control files\n - Test and use rules to components mapping\n - Use distributed product properties\n- Revert patch that breaks the SLE hardening (bsc#1213691)\n- Changes from 0.1.68 (jsc#ECO-3319)\n - Bump OL8 STIG version to V1R6\n - Introduce a Product class, make the project work with it\n - Introduce Fedora and Firefox CaC profiles for common workstation users\n - OL7 DISA STIG v2r11 update\n - Publish rendered policy artifacts\n - Update ANSSI BP-028 to version 2.0\n- Changes from 0.1.67 (jsc#ECO-3319)\n - Add utils/controlrefcheck.py\n - Red Hat Enterprise Linux 9 STIG Update Q1 2023\n - Include warning for NetworkManager keyfiles in Red Hat Enterprise Linux 9\n - OL7 stig v2r10 update\n - Bump version of OL8 STIG to V1R5\n- Various enhancements to SLE profiles\n\nspacecmd:\n\n- Updated to 4.3.23-1\n * Update translation strings\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-3875,SUSE-EL-9-CLIENT-TOOLS-2023-3875",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3875-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:3875-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233875-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:3875-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-September/031784.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204501",
"url": "https://bugzilla.suse.com/1204501"
},
{
"category": "self",
"summary": "SUSE Bug 1208046",
"url": "https://bugzilla.suse.com/1208046"
},
{
"category": "self",
"summary": "SUSE Bug 1208270",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "self",
"summary": "SUSE Bug 1213691",
"url": "https://bugzilla.suse.com/1213691"
},
{
"category": "self",
"summary": "SUSE Bug 1213880",
"url": "https://bugzilla.suse.com/1213880"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41723 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29409 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29409/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2023-09-28T11:45:38Z",
"generator": {
"date": "2023-09-28T11:45:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:3875-1",
"initial_release_date": "2023-09-28T11:45:38Z",
"revision_history": [
{
"date": "2023-09-28T11:45:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"product_id": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "scap-security-guide-0.1.69-1.12.2.noarch",
"product": {
"name": "scap-security-guide-0.1.69-1.12.2.noarch",
"product_id": "scap-security-guide-0.1.69-1.12.2.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-debian-0.1.69-1.12.2.noarch",
"product": {
"name": "scap-security-guide-debian-0.1.69-1.12.2.noarch",
"product_id": "scap-security-guide-debian-0.1.69-1.12.2.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"product": {
"name": "scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"product_id": "scap-security-guide-redhat-0.1.69-1.12.2.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"product": {
"name": "scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"product_id": "scap-security-guide-ubuntu-0.1.69-1.12.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.3.23-1.18.2.noarch",
"product": {
"name": "spacecmd-4.3.23-1.18.2.noarch",
"product_id": "spacecmd-4.3.23-1.18.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"product_id": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"product_id": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"product": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"product_id": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE:EL-9:Update:Products:ManagerTools:Update",
"product": {
"name": "SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product": {
"name": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-0.1.69-1.12.2.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch"
},
"product_reference": "scap-security-guide-0.1.69-1.12.2.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-debian-0.1.69-1.12.2.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch"
},
"product_reference": "scap-security-guide-debian-0.1.69-1.12.2.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-redhat-0.1.69-1.12.2.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch"
},
"product_reference": "scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-ubuntu-0.1.69-1.12.2.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch"
},
"product_reference": "scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.23-1.18.2.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
},
"product_reference": "spacecmd-4.3.23-1.18.2.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64"
},
"product_reference": "prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-redhat-0.1.69-1.12.2.noarch as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch"
},
"product_reference": "scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.3.23-1.18.2.noarch as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch"
},
"product_reference": "spacecmd-4.3.23-1.18.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32149"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32149",
"url": "https://www.suse.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "SUSE Bug 1204501 for CVE-2022-32149",
"url": "https://bugzilla.suse.com/1204501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-28T11:45:38Z",
"details": "important"
}
],
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-41723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41723"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41723",
"url": "https://www.suse.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "SUSE Bug 1208270 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "external",
"summary": "SUSE Bug 1215588 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1215588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-28T11:45:38Z",
"details": "important"
}
],
"title": "CVE-2022-41723"
},
{
"cve": "CVE-2022-46146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46146"
}
],
"notes": [
{
"category": "general",
"text": "Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users\u0027 bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46146",
"url": "https://www.suse.com/security/cve/CVE-2022-46146"
},
{
"category": "external",
"summary": "SUSE Bug 1208046 for CVE-2022-46146",
"url": "https://bugzilla.suse.com/1208046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-28T11:45:38Z",
"details": "important"
}
],
"title": "CVE-2022-46146"
},
{
"cve": "CVE-2023-29409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29409"
}
],
"notes": [
{
"category": "general",
"text": "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to \u003c= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29409",
"url": "https://www.suse.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "SUSE Bug 1213880 for CVE-2023-29409",
"url": "https://bugzilla.suse.com/1213880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-4.3.23-1.18.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-QubitProducts-exporter_exporter-0.4.0-1.6.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.0-1.8.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-prometheus-node_exporter-1.5.0-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:prometheus-postgres_exporter-0.10.1-1.9.2.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.69-1.12.2.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-4.3.23-1.18.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-28T11:45:38Z",
"details": "important"
}
],
"title": "CVE-2023-29409"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…