golang-github-prometheus-node_exporter (SUSE:Manager Client Tools for SLE Micro 5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Client Tools for SLE Micro 5 package golang-github-prometheus-node_exporter, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2026-1615 — CVSS 9.8 (critical): Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path…
CVE-2026-25547: @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is…
CVE-2025-12816 — CVSS 8.6 (high): An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft…
CVE-2022-27664 — CVSS 7.5 (high): In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang…
CVE-2022-27191 — CVSS 7.5 (high): The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain…
CVE-2023-45288 — CVSS 7.5 (high): An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames…
CVE-2022-46146 — CVSS 6.2 (medium): Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a…
CVE-2025-13465 — CVSS 5.3 (medium): Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass…
CVE-2023-29409 — CVSS 5.3 (medium): Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the…
CVE-2025-22870 — CVSS 4.4 (medium): Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY…