Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Client Tools 12 package kiwi-desc-saltboot, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2022-21698 — CVSS 7.5 (high): client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling…
CVE-2022-31097 — CVSS 7.3 (high): Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and…
CVE-2022-31107 — CVSS 7.1 (high): Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible…
CVE-2022-39201 — CVSS 6.8 (medium): Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and…
CVE-2022-39307 — CVSS 6.7 (medium): Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is…
CVE-2022-39306 — CVSS 6.4 (medium): Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to…
CVE-2023-28370 — CVSS 6.1 (medium): Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an…
CVE-2022-31123 — CVSS 6.1 (medium): Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in…
CVE-2022-31130 — CVSS 4.9 (medium): Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could…
CVE-2022-39229 — CVSS 4.3 (medium): Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to…
CVE-2019-10136 — CVSS 4.3 (medium): It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. An attacker with a valid, but…