alloy (SUSE:Linux Enterprise Server 16.0) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 16.0 package alloy, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2025-31133 — CVSS 7.8 (high): runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through…
CVE-2025-68156 — CVSS 7.5 (high): Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including…
CVE-2025-47913 — CVSS 7.5 (high): SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
CVE-2025-52565 — CVSS 7.5 (high): runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1…
CVE-2025-52881 — CVSS 7.5 (high): runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an…
CVE-2025-11065 — CVSS 5.3 (medium): A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This…
CVE-2025-47911 — CVSS 5.3 (medium): The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial…
CVE-2025-58058 — CVSS 5.3 (medium): xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an…
CVE-2025-58190 — CVSS 5.3 (medium): The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of…