[SUSE-SU-2023:1902-1] Security update for SUSE Manager Client Tools
Severity
Important
CVEs
3
Security update for SUSE Manager Client Tools
This update fixes the following issues:
grafana version update from 8.5.20 to 8.5.22:
Security issues fixed:
- CVE-2023-1410: Fix XSS in Graphite functions tooltip (bsc#1209645)
- CVE-2023-0507: Apply attribute sanitation to GeomapPanel (bsc#1208821)
- CVE-2023-0594: Avoid storing XSS in TraceView panel (bsc#1208819)
The following non-security bug was fixed:
- Login: Fix panic when UpsertUser is called without ReqContext
- ID
- SUSE-SU-2023:1902-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20231902-1/
- Published
-
2023-04-19T03:08:57
(17 months ago) - Modified
-
2023-04-19T03:08:57
(17 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1902-1.json | |
Suse | URL for SUSE-SU-2023:1902-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20231902-1/ | |
Suse | E-Mail link for SUSE-SU-2023:1902-1 | https://lists.suse.com/pipermail/sle-updates/2023-April/028875.html | |
Bugzilla | SUSE Bug 1208819 | https://bugzilla.suse.com/1208819 | |
Bugzilla | SUSE Bug 1208821 | https://bugzilla.suse.com/1208821 | |
Bugzilla | SUSE Bug 1209645 | https://bugzilla.suse.com/1209645 | |
CVE | SUSE CVE CVE-2023-0507 page | https://www.suse.com/security/cve/CVE-2023-0507/ | |
CVE | SUSE CVE CVE-2023-0594 page | https://www.suse.com/security/cve/CVE-2023-0594/ | |
CVE | SUSE CVE CVE-2023-1410 page | https://www.suse.com/security/cve/CVE-2023-1410/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |